-
Cyber Security Engineer
1 week ago
NovaWorks Solutions Willis, United StatesAbout the Company · Cogitron - Mind for Systems As a consulting firm with technical roots, we help our clients design their products safely and outstandingly in the context of diverse consulting projects. Sometimes we are helpers, sometimes coordinators, and sometimes auditors. · ...
-
IT Security Engineer
6 hours ago
Istituto Marangoni Chicago, United StatesAbout JSSI · For more than 35 years, Jet Support Services, Inc. (JSSI) has been the leading independent provider of maintenance support, advisory services, software, and financial tools to the business aviation industry. With 6,000+ aircraft supported by maintenance programs and ...
-
Security Engineer
1 day ago
Resource Logistics Chicago, United StatesPosition: Security Engineer · Responsibilities: · Participate in secure design reviews and threat modeling for new product features. · dvise on secure Clienthitecture best practices and design patterns. · Perform gap analysis of security and compliance controls, assess the risks, ...
-
Security Engineer
4 weeks ago
TEKsystems Chicago, United StatesJob Description · Job DescriptionExperience with API Security – understand innerworkings of APIs, can come from a DevOps background with an appreciation for security · Analyze security vulnerabilities · Monitor connectivity of those APIs to make sure they are not allowing connect ...
-
Staff Security Engineer
3 weeks ago
Grubhub Chicago, United StatesGrubhub is seeking a Staff Security Engineer to join our Product Security team. As a member of our team you will help us analyze, design and build security technology into our products and services in order to enable trustworthy experiences for Grubhub's diners, merchants, driver ...
-
System Security Engineer
2 weeks ago
Russell Tobin Chicago, United StatesLocation: Dallas TX, Chicago IL, Phoenix AZ (two day on-site Tues / Thurs) · Contract: 6 months potential to extend · Pay Range: $60 to $70/H on W2 - depending upon experience · Summary: · We are seeking a highly motivated and technically skilled Enterprise Security Systems Engin ...
-
Senior Security Engineer
4 days ago
Salesforce Chicago, United StatesTo get the best candidate experience, please consider applying for a maximum of 3 roles within 12 months to ensure you are not duplicating efforts. · Job Category · Software Engineering Job Details · About Salesforce · Were Salesforce, the Customer Company, inspiring the futu ...
-
Security Engineering Manager
2 weeks ago
Amazon Chicago, United StatesAmazon is continuously innovating new services and features for our customers. Our engineers invent, build, and sometimes break things to make them easier, faster, better, and more cost-effective. However, no matter what were building from websites to web services, AR to AI, dron ...
-
Lead Security Engineer
2 days ago
CME Group Chicago, United StatesRole Overview The Lead Security Engineer Application Security is responsible for performing advanced manual security assessments on applications and systems that require specialized knowledge, and provide detailed written reports to key business stakeholders (management, developm ...
-
Cloud Security Engineer
3 weeks ago
Expert In Recruitment Solutions Chicago, United States100% REMOTE · Cloud Security Engineer (AWS) · POSSIBLE CONTRACT TO PERM OPTION · 100% REMOTE · Candidate must work CST Hours · GREENCARD or US CITIZEN MANDATED BY FERERAL CONTRACT · Pre-Qualifying Questions: · 1. Have you held a role as Cloud Security Engineer/Security Aut ...
-
AD Security Engineer
3 weeks ago
TEKsystems Chicago, United States: · Job Description · A Security Engineer contributes to the success of the Bank by building a safe and sound technology environment for business operations. This individual will apply their passion for security and technology to create secure, stable and easy to use solutions fo ...
-
Principal Security Engineer
1 day ago
AbbVie Chicago, United StatesThis position is part of AbbVies Information Security & Risk Management (ISRM) team. We are here to put our partners in a position to succeed. We do it by providing the knowledge, tools, and support they need to effectively use data and technology w Security Engineer, Monitoring, ...
-
Senior Security Engineer
2 days ago
The Walt Disney Company Chicago, United StatesAbout the Role & Team We are defenders of the magic, waging an epic battle to safeguard our franchises, protect our people, and ensure the world's most admired entertainment company is not disrupted by cybersecurity threats. The Walt Disney Company is scouring the known talent un ...
-
Security Sales Engineer
2 weeks ago
Burrell Associates Chicago, United StatesJob Description · Job DescriptionSecurity Sales Engineer (Chicago, IL) · This Company is keeping organizations safe from cyber-attacks that technology alone cannot prevent. Our 24x7 Security Operations Center (SOC), staffed by elite security analysts, hunts, investigates, and res ...
-
Azure Security Engineer
3 weeks ago
Trident Consulting Chicago, United StatesTrident Consulting is looking for an Azure Security Engineer for one of our clients · Increase your chances of an interview by reading the following overview of this role before making an application. · Role: Azure Security Engineer · Location: Chicago IL (Hybrid–Onsite) · T ...
-
Senior Application Security Engineer
4 weeks ago
Informatic Technologies, Inc. Chicago, United StatesOne of our Financial Clients is looking to hire a Sr. Application Security Engineer on a Fulltime basis. If you are someone who is keen on Security and has the patience and skills to perform advanced manual security assessments this role is for you. · 12+ years' experience perfor ...
-
Security Operations Engineer
6 hours ago
Cars Commerce Chicago, United StatesAbout the role: · As a Security Operations Engineer, you will be responsible for ensuring the security of our software development and deployment processes while promoting a culture of security within our organization. You will collaborate closely with development, operations, a ...
-
Principal Security Engineer
3 weeks ago
Glocomms Chicago, United StatesPrincipal Security Engineer · Location: Chicago or Dallas (hybrid, 3-days on-site) · Glocomms are partnered with a leading Financial Services firm in the search for a technically hands-on Principal Security Engineer to join a new division within the organization focusing on tec ...
-
Blockchain Security Engineer
3 weeks ago
Jump Trading Chicago, United States FreelanceJump Trading Group is committed to world class research. We empower exceptional talents in Mathematics, Physics, and Computer Science to seek scientific boundaries, push through them, and apply cutting edge research to global financial markets. Our culture is unique. Constant inn ...
-
AD Security Engineer
3 weeks ago
TEKsystems Chicago, United States: · Job Description · A Security Engineer contributes to the success of the Bank by building a safe and sound technology environment for business operations. This individual will apply their passion for security and technology to create secure, stable and easy to use solutions ...
Lead Security Engineer - Chicago, United States - Informatic Technologies
Description
The Lead Security Engineer Application Security is responsible for performing advanced manual security assessments on applications and systems that require specialized knowledge and providing detailed written reports to key business stakeholders (management, and development teams).
Additionally, the individual will provide application design support and application security best practice guidance, in the form of consultations, to various development teams and business stakeholders.
This role leads by example by performing all the Application Security team responsibilities and providing training opportunities for other team members.
As a technical lead in the Application Security Assessment team, this role must effectively communicate with Clients' technology, business, and third-party partners.
Principal AccountabilitiesLead by example and independently perform all functions and services of the GIS AppSec team.
Conduct advanced web application, micro-services, API, and cloud penetration tests of proprietary and 3rd party on-prem/cloud systems and applications.
Perform targeted manual security reviews at key points in the software development life cycle.
Perform peer reviews of assessment reports and provide constructive guidance to team members.
Train others on tools and processes used in AppSec methodology.
Provide technical guidance to team members and other stakeholders (e.g. development teams, project teams, business stakeholders).
Provide input for strategic visioning/planning.
Identify the need and develop new security standards and reference architectures.
Identify metrics that can help measure performance, gaps in coverage, need for headcount, and trends in findings.
Identify and document process improvements influence team and management support and prioritize changes.
Establish yourself as a recognized technical expert within the team.
Have an interest in continuing your education and training and staying current within the application security domain.
Requirements
12+ years' experience performing security assessments of a wide variety of systems, applications, and technologies which include both proprietary and industry-standard protocols.
Expert knowledge and experience performing manual security reviews of application source code for security vulnerabilities written in various languages including Java, .Net (C#, VB#), C++, *.
Expert level skills with application security testing tools including Burp Suite Pro, Kali, Checkmarx, sqlmap, nmap, Wireshark, etc.Expert knowledge of the Open Web Application Security Project (OWASP) Top 10 vulnerabilities most critical web vulnerabilities and how to identify and remediate them.
Advanced knowledge of application reverse engineering and using tools such as: Java decompilers, .Net decompilers, IDAPro, etc.Advanced knowledge of UNIX/Linux/Windows.
Advanced knowledge with scripting languages such as: Python, bash, Powershell, etc.
Experience with drafting of Security Standards, Reference Architectures, and Secure Technical Implementation Guidelines.
Have a passion for application security testing and be able to share your passion and learnings with teammates and customers.
Self-motivated and a self-starter (If you have a question, find the answer, ask somebody, figure it out, and communicate).Excellent Oral and Written communication skills.
Nice to have
Certifications such as GWAPT, eWPTx, OSCP, OSWE, CISSP, or other relevant certifications are highly preferred.
Education
A Bachelor's or Master's degree in Computer Science, Information Systems or other related discipline is required; or an equivalent combination of education and relevant proven work experience.
#J-18808-Ljbffr