Senior Application Security Engineer

Chicago, IL, United States

About the Role

As a Senior Application Security Engineer, you'll be essential in protecting our advanced web and mobile software. You'll collaborate with diverse teams to lead security initiatives, conduct thorough code reviews, and enhance secure design practices. Your clear communication will be crucial as you explain security trade-offs and create practical solutions to manage risks effectively.

You bring a proactive, self-motivated attitude, combined with curiosity and practicality that effectively handles and minimizes application security risks. Our team appreciates diverse work styles, recognizing both the impact of taking initiative and the insight of deliberate decision-making.

Within our tight-knit team, innovation is at the core of how we tackle challenges. We excel in projects that create meaningful benefits for our members. Embracing a strong security culture is fundamental to our company, and we openly share our knowledge and accomplishments through public blogs and conferences, contributing to the larger cybersecurity community and our own professional development.

The base salary offered for this role and level of experience will begin at $167,200 and up to $232,200. Full-time employees are also eligible for a bonus, competitive equity package, and benefits. The actual base salary offered may be higher, depending on your location, skills, qualifications, and experience.

In this role, you can expect to

Collaborate closely with software engineers to enhance security best practices.

Provide expert guidance on secure design and conduct thorough risk analysis for web/mobile applications.

Lead security initiatives, mentor team members, and manage multiple projects.

Drive the adoption of secure coding practices and contribute to vulnerability management.

Seamlessly integrate security into the CDLC, overseeing bug bounty programs and third-party penetration tests.

Conduct internal penetration tests as needed to identify vulnerabilities.

Establish safe-by-default guardrails for engineer usage.

Present findings and solutions to leadership and peers, highlighting impacts.

Partner with engineering for threat modeling of new services and infrastructure.

Develop automated systems and monitoring for enforcing security policies and threat detection.

Advocate vigorously for security best practices, nurturing a company-wide culture of diligence.

Thrive in an agile environment, flexibly contributing to evolving security measures.

Effectively communicate findings and implications to leadership and fellow engineers.

To thrive in this role, you have

A bachelor's degree in CS, InfoSec, or equivalent practical experience.

Expertise in web/backend app security; bonus for mobile and AWS.

Proficiency in at least one programming language (e.g. Python, Java, Ruby, GoLang, JavaScript).

Strong leadership, problem-solving, and communication skills.

A track record in performing threat modeling, or application penetration testing.

Project management skills, driving initiatives to completion.

A commitment to shaping fintech security culture

The ability to clearly articulate prioritized, actionable security work for Engineering.

A demonstrable history in improving security posture through impactful cross-functional projects.

Ruby / Ruby on Rails / Go (golang) experience is a plus.

A little about us

At Chime, we believe that everyone can achieve financial progress. We’re passionate about developing solutions and services to empower people to succeed. Every day, we start with empathy for our members and stay motivated by our desire to support them in ways that make a meaningful difference.

We created Chime—a financial technology company, not a bank*-- founded on the premise that basic banking services should be helpful , transparent , and fair . Chime helps unlock the access and ability our members need to overcome the systemic barriers that block them from moving forward. By providing members with access to liquidity, rewards, and credit building, our easy-to-use tools and intuitive platforms give members the ability to have more control over their money and to take action toward achieving their financial ambitions.

So far, we’re well-loved by our members and proud to have helped millions of people unlock financial progress, whether they started a savings account, bought their first car or home, opened a business, or went to college. Every day, we’re inspired by our members’ dreams and successes, big and small.

We’re uniting everyday people to unlock their financial progress—will you join us?

*Chime partners with The Bancorp Bank and Stride Bank, N.A., Members FDIC, that power the bank accounts used by Chime Members.

What we offer

Competitive salary based on experience

✨ 401k match plus great medical, dental, vision, life, and disability benefits

Generous vacation policy and company-wide Take Care of Yourself Days

1% of your time off to support local community organizations of your choice

Mental health support with therapy and coaching through Modern Health

16 weeks of paid parental leave for all parents and an additional 6-8 weeks for birthing parents

Access to Maven, a family planning tool, with up to $10k in reimbursement for egg freezing, fertility treatments, adoption, and more.

Hybrid work perks, like UrbanSitter and Kinside for backup child, elder and/or pet care, as well as a subsidized commuter benefit

A thoughtful hybrid work policy that combines in-office days and trips to team and company-wide events depending on location to ensure you stay connected to your work and teammates, whether you’re local to one of our offices or remote

In-person and virtual events to connect with your fellow Chimers—think cooking classes, guided meditations, music festivals, mixology classes, paint nights, etc., and delicious snack boxes, too!

A challenging and fulfilling opportunity to join one of the most experienced teams in FinTech and help millions unlock financial progress

We know that great work can’t be done without a diverse team and inclusive environment. That’s why we specifically look for individuals of varying strengths, skills, backgrounds, and ideas to join our team. We believe this gives us a competitive advantage to better serve our members and helps us all grow as Chimers and individuals.

We hire candidates of any race, color, ancestry, religion, sex, national origin, sexual orientation, gender identity, age, marital or family status, disability, Veteran status, and any other status. Chime is proud to be an Equal Opportunity Employer and will consider qualified applicants with criminal histories in a manner consistent with the San Francisco Fair Chance Ordinance, Cook County Ordinance, and consistent with Canadian provincial and federal laws. If you have a disability or special need that requires accommodation, please let us know.

To learn more about how Chime collects and uses your personal information during the application process, please see the Chime Applicant Privacy Notice.

#LI-AY1