Senior Application Security Engineer - Chicago, IL
1 day ago
Job description
Exciting opportunity for a Senior AppSec Specialist for a Hybrid role in downtown Chicago. This role is with a company that has made it their mission to help everyday Americans escape the endless cycle of crippling debt and step into a brighter financial future. They are searching for an Individual to join their Security team and help them get to the next level.
As their Senior Application Security Engineer, you will be the primary owner and driver of the application security program. You'll work hands-on with engineering teams to embed secure development practices, improve tooling and automation, and guide security considerations for new features, architectures, and services. This is a high-impact role where you'll shape the future of AppSec at a company that values security as a core part of product quality.
Required Skills & Experience
- 3–7+ years of experience in Application Security, Product Security, or related software engineering roles
- Strong understanding of secure coding practices, common vulnerabilities (OWASP Top 10), and modern SDLC
- Experience working with cloud-native applications, ideally in AWS
- Understanding of SSL certificates & cryptographic key management
- Hands-on experience with SAST, DAST, WAFs, and/or mobile application security tools
- Ability to partner effectively with developers and influence secure design decisions
- Familiarity with GitHub-based workflows and CI/CD pipelines
Desired Skills & Experience
- Software development background (Ruby on Rails experience strongly preferred)
- Experience with mobile app security (React Native)
- Terraform or Infrastructure as Code (IaC) experience
- Experience with enterprise security tooling (GitHub Advanced Security, Invicti, Hadrian, AppDome, Cloudflare WAF)
- Experience configuring and managing security tools, not just consuming their output
- Strong communication skills with ability to train and educate development teams
What You Will Be Doing
Tech Environment
- Ruby on Rails web applications
- React Native mobile applications
- AWS cloud infrastructure (ECS, IAM, networking)
- GitHub-based CI/CD pipelines
- Security tooling: GitHub Advanced Security, Invicti (DAST), Hadrian (ASM), AppDome, Cloudflare WAF
Daily Responsibilities
- 70% Hands-On Technical Work (tooling configuration, security reviews, automation, vulnerability triage)
- 30% Collaboration & Training (partnering with development teams, security guidance, developer enablement)
Key Responsibilities
- Own and evolve the application security program, working as a single contributor reporting to the IT Director
- Configure, manage, and optimize security tools—not just consume their findings but truly own the tooling
- Partner directly with product development teams (5-person security team, but you'll build relationships across engineering)
- Help developers understand and remediate security findings through collaboration, not just ticketing
- Integrate security into CI/CD pipelines and development workflows
- Provide security training and guidance to development teams on secure coding practices
- Collaborate with DevOps on AWS infrastructure security and hardening efforts
The Offer
- Hybrid schedule: 2 days per week in office (Monday & Wednesday)
- Location: Chicago, IL
- High-impact role at a successful, rapidly growing company
- Leadership that enthusiastically supports security with deep pockets for best-in-class tooling
- High exposure to building a world-class security program from the ground up
You will receive the following benefits:
- Medical, Dental, and Vision Insurance
- Vacation Time
- Stock Options
Applicants must be currently authorized to work in the US on a full-time basis now and in the future.
Posted By:
Kylie Lenz
Similar jobs
Protect the integrity and confidentiality of HUB data and infrastructure while enabling business functionality in all systems and environments by supporting applicable security solutions. · We believe in empowering our employees to learn, grow, · and make a difference. Our struct ...
1 month ago
This is a CFTC-regulated setting that requires a hands-on technical lead responsible for securing both corporate and production environments. The role will oversee the security of internally developed services hosted in the cloud, while acting as the primary administrator across ...
1 week ago
About Agoda · At Agoda, we bridge the world through travel. Our story began in 2005, when two lifelong friends and entrepreneurs, driven by their passion for travel, launched Agoda to make it easier for everyone to explore the world. · Today, we are part of Booking Holdings [NASD ...
1 day ago
+We are seeking an experienced senior level endpoint security engineer with Windows, iOS, MacOS, and Android enterprise expertise. · + · Detecting, remediating, and mitigating workstation and mobile security vulnerabilities · Conduct extensive testing and supporting of critical a ...
1 week ago
RAPP is looking for a Security Engineer to join our Technology team. · ...
1 month ago
+ Job summary: As an IT Security Engineer, you will be responsible for designing, implementing, and continuously improving the technical security controls that protect the organization's digital assets based on identifying and assessing new attack vectors and strategies used in t ...
2 weeks ago
We are RAPP – world leaders in activating growth with precision and empathy at scale. · RAPP is looking for a Security Engineer to join our award-winning Technology team. · This role ensures ongoing compliance and security through continuous monitoring and evaluation activities, ...
1 month ago
We are partnering with a small established organization in the financial services space seeking a DevSecOps / Infrastructure Engineer to join a lean collaborative team. · This role is ideal for someone who enjoys working across infrastructure security and automation in an environ ...
3 weeks ago
We are seeking a Security Engineer to serve as a hands-on technical lead responsible for securing both corporate and production environments. · ...
1 week ago
We are seeking a highly motivated and detail-oriented Security Engineer to help secure our securities-backed lending SaaS platform.The successful candidate will focus primarily on application security, secure SDLC, and application vulnerability management · ...
1 month ago
We are looking for a highly skilled professional to manage privileged access systems, implement AI-driven security capabilities, and help shape the future of security architecture. · ...
1 week ago
Circle es una empresa lidera en plataformas financieras que construye la base de una economía más abierta y global mediante activos digitales, aplicaciones de pago e infraestructura blockchain programable. Como Ingeniero Principal Seguridad en Cloud para Circle jugarás un papel c ...
1 week ago
+Job summary · This position is responsible for developing and implementing enterprise information security solutions to address the current and emerging security and compliance needs of the business. · +ResponsibilitiesServing as a cybersecurity engineer in application developme ...
3 weeks ago
This job is for a security engineer to work with One Identity Manager. The ideal candidate should have experience implementing enhancements to mature an IAM program currently utilizing One Identity Manager Integration experience with Workday, ServiceNow, PAM, Active Roles, AD and ...
1 week ago
We are seeking an experienced senior level endpoint security engineer with Windows, iOS, MacOS, and Android enterprise expertise. · Bachelors degree in Computer Science or related field. · ...
1 week ago
We are looking for a skilled Network Security Engineer to join our dynamic team and contribute to our mission of transforming business processes through technology.This is a fantastic opportunity to join an established and well-respected organization offering tremendous career gr ...
1 week ago
We are seeking a Security Engineer to join our team. The successful candidate will have experience working with enterprise environments and ForgeRock suite including AM, IG, IDM, DS. · ...
3 weeks ago
We're looking for a Security Platform Engineer to help design and build scalable security platforms that protect cloud environments and enable secure engineering at scale. · ...
1 week ago
The Senior Security Engineer will blend deep technical expertise with strong customer-facing skills to build trust and drive successful outcomes for our clients. · ...
1 week ago
We are looking for a Cloud Security Engineer who will be responsible for securing our cloud infrastructure and applications. · ...
5 days ago
Manage privileged access systems that protect most critical assets implement AI-based security capabilities and help shape security architecture. · ...
1 month ago