Application Security Engineer

Company: Paul May & Associates
Location: Chicago, Illinois, United States
Type: Full-time
Posted: 04.OCT.2019

Summary

Job Title: Application Security Engineer Location of role: Chicago, Illinois 60606 Salary or Hourly range: 175K or Depending on experience...

Description

Job Title: Application Security Engineer

Location of role: Chicago, Illinois 60606

Salary or Hourly range: 175K or Depending on experience

Company relocation - At this time, client will NOT relocate for this role

Company sponsorship - At this time, client will NOT sponsor for this role

Travel: This role may require 0% travel

Duration of role: Direct hire Role - Fulltime

Key Points of the role:

Requirements

  • Significant experience in application security technologies and processes within public cloud environments (AWS, GCP, etc.) including monitoring and implementing OWASP web application security best practices, API security, authentication mechanism, vulnerability and application scanning, and web application scanning/firewalls (WAS/WAF).
  • Experience with manual and automated software testing, fuzzing, static/dynamic code analysis, and manual code reviews.
  • Strong debugging skills. Ability to spot design flaws, race conditions, performance bottlenecks in complex architectures and simple misconfigurations
  • 4+ years of experience working directly in Application Security
  • Significant development experience with modern programming languages (C++, Ruby, Javascript, Python)
  • Strong communication and collaboration skills
  • Working knowledge of Linux

Job Description Details:

FinTech start up with entrepreneurial mindset combined to work together to develop disruptive technologies and capital markets products. As the Senior Application Security Engineer, your job is to take ownership and drive efforts to integrate security into all aspects of software development. You ll work closely with DevOps, Engineering, and Security teams to solve problems, evolve processes, and improve our application security posture. We are looking for someone with strong, hands-on engineering expertise who wants to take responsibility for designing new ways of securing the software that supports trading of digital assets. Cryptocurrency is an evolving and fast-moving area; the ability to remain nimble yet deliver robust and secure services to clients is essential. Our ideal candidate is a creative and analytical problem solver with strong technical troubleshooting skills and the ability to exercise mature judgment under pressure.

REQUIREMENTS

Key Responsibilities:

  • Lead application security testing efforts
  • Lead bug intake and remediation process
  • Lead the remediation of application vulnerability scanning and penetration testing
  • Manage security integration into the SDLC process
  • Support code reviews across all code platforms
  • Help evolve application security functions and services
  • Identify security exposures and develop mitigation plans
  • Become a subject matter expert for application security solutions
  • Own and document medium/large security-related epics and follow through until completion.

Preferred

  • Familiarity with technology/tools such as Kubernetes, Docker, Puppet, Jenkins, Ansible, Terraform, etc.
  • Demonstrated ability integrating security concepts into a DevOps Software Development Lifecycle (SDLC), including for threat modeling and security architecture design/specification, both at the full system level component levels
  • Ability to demonstrate past experience making trade-offs between functional and usability requirements with security requirements
  • Familiarity with cryptography concepts (AES vs. RSA, PKI, TLS, etc.)
  • Solid understanding of network protocols and security concepts
- provided by Dice

 
Apply Now

Share

Free eBook

Flash-bkgn
Loader2 Processing ...