Email Alert for
ⓘ There was an unexpected error processing your request.
Please refresh the page and try again.
If the problem persists, please contact us with your issue.
You can always manage your preferences and update your interests to ensure you receive the most relevant opportunities.
Get ready to discover your next great opportunity.
CME Group
Chicago, IL, United States
Description Role Overview The Lead Security Engineer Application Security is responsible for performing advanced manual security assessments on applications and systems that require specialized knowledge, and provide detailed written reports to key business stakeholders (management, development teams). Additionally, the individual will provide appl
Job Source: CME GroupMatch Group
Chicago, IL, United States
We are looking for an Lead Application Security Engineer to help us ensure the highest standard of security for Match Group brands and our members across the world. You will manage a small team and lead collaborations across various brands within the portfolio such as Tinder, Hinge, and Plenty of Fish to develop, design and execute security priorit
Job Source: Match GroupMatch Group
Chicago, IL, United States
We are looking for an Team Lead - Application Security Engineer to help us ensure the highest standard of security for Match Group brands and our members across the world. You will manage a small team and lead collaborations across various brands within the portfolio such as Tinder, Hinge, and Plenty of Fish to develop, design and execute security
Job Source: Match GroupAmazon
Chicago, IL, United States
Description In Amazon Stores, we ship some of the widest arrays of technology found at any company. From Amazon.com to world class machine learning pipelines, from cutting-edge digital healthcare to no-checkout retail, we push the boundaries of technology in every direction using the globe’s largest AWS deployment. As an AppSec engineer, you will
Job Source: AmazonAmazon
Chicago, IL, United States
Security Engineer II, Application Security Job ID: 2467051 | Amazon.com Services LLC In Amazon Stores, we ship some of the widest arrays of technology found at any company. From amazon.com to world class machine learning pipelines, from cutting-edge digital healthcare to no-checkout retail, we push the boundaries of technology in every direction u
Job Source: AmazonAmazon
Chicago, IL, United States
Description In Amazon Stores, we ship some of the widest arrays of technology found at any company. From Amazon.com to world class machine learning pipelines, from cutting-edge digital healthcare to no-checkout retail, we push the boundaries of technology in every direction using the globe’s largest AWS deployment. As an AppSec engineer, you will
Job Source: AmazonOpenGov
Chicago, IL, United States
OpenGov is home to an exceptional team - passionate about our mission to power more effective and accountable government. By bringing the OpenGov Cloud to our nation's state and local government, we're transforming communities so they can thrive! Imagine yourself being able to owners open their doors faster, ensuring our are accounted for, creatin
Job Source: OpenGovChime
Chicago, IL, United States
About the Role As a Senior Application Security Engineer, you'll be essential in protecting our advanced web and mobile software. You'll collaborate with diverse teams to lead security initiatives, conduct thorough code reviews, and enhance secure design practices. Your clear communication will be crucial as you explain security trade-offs and crea
Job Source: ChimeChicago, IL, United States
Job Title: Lead Security Engineer–Application Security
Job Location: Chicago, IL
Job Type: Full Time
The Lead Security Engineer Application Security is responsible for performing advanced manual security assessments on applications and systems that require specialized knowledge and providing detailed written reports to key business stakeholders (management, and development teams).
Additionally, the individual will provide application design support and application security best practice guidance, in the form of consultations, to various development teams and business stakeholders. The individual is also responsible for championing security by designing and delivering integrated solution architectures.
This role leads by example by performing all the Application Security team responsibilities and providing training opportunities for other team members. As a technical lead in the Application Security Assessment team, this role must effectively communicate with Clients' technology, business, and third–party partners.
Principal Accountabilities
Lead by example and independently perform all functions and services of the GIS AppSec team
Conduct advanced web application, micro–services, API, cloud penetration tests of proprietary and 3rd party on–prem/cloud systems and applications.
Perform targeted manual security reviews at key points in the software development life cycle.
Perform peer reviews of assessment reports and provide constructive guidance to team members.
Train others on tools and processes used in AppSec methodology.
Provide technical guidance to team members and other stakeholders (e.g. development teams, project teams, business stakeholders).
Provide input for strategic visioning / planning.
Identify the need and develop new security standards and reference architectures.
Identify metrics that can help measure performance, gaps in coverage, need for head count, trends in findings.
Identify and document process improvements and influence team and management support and prioritize changes.
Establish yourself as a recognized technical expert within the team.
Have an interest in continuing your education and training and staying current within the application security domain.
Requirements
12+ years' experience performing security assessments of various systems, applications, and technologies, including proprietary and industry–standard protocols.
Expert knowledge and experience performing manual security reviews of application source code for security vulnerabilities written in various languages including Java, .Net (C#, VB#), C++, .
Expert level skills with application security testing tools including Burp Suite Pro, Kali, Checkmarx, sqlmap, nmap, Wireshark, etc.
Expert knowledge of the Open Web Application Security Project (OWASP) Top 10 vulnerabilities most critical web vulnerabilities and how to identify and remediate them.
Advanced knowledge of application reverse engineering and using tools such as: Java decompilers, .Net decompilers, IDAPro, etc.
Advanced knowledge of UNIX/Linux/Windows.
Advanced knowledge with scripting languages such as: Python, bash, Powershell, etc.
Experience with drafting of Security Standards, Reference Architectures and Secure Technical Implementation Guidelines.
Have a passion for application security testing and be able to share your passion and learnings with teammates and customers.
Self–motivated and a self–starter (If you have a question, find the answer, ask somebody, figure it out, and communicate).
Excellent Oral and Written communications skills.
Nice to have
Certifications such as GWAPT, eWPTx, OSCP, OSWE, CISSP, or other relevant certifications are highly preferred.
Education
A Bachelor's or Master's degree in Computer Science, Information Systems, or other related discipline is required; or an equivalent combination of education and relevant proven work experience.
Lead Application Security Engineer
#J-18808-Ljbffr
Email Alert for Lead Application Security Engineer jobs in Chicago, IL, United States
ⓘ There was an unexpected error processing your request.
Please refresh the page and try again.
If the problem persists, please contact us with your issue.
You can always manage your preferences and update your interests to ensure you receive the most relevant opportunities.
Get ready to discover your next great opportunity.