Lead Security Engineer
2 weeks ago
The Lead Security Engineer Application Security is responsible for performing advanced manual security assessments on applications and systems that require specialized knowledge and providing detailed written reports to key business stakeholders (management, and development teams).
Additionally, the individual will provide application design support and application security best practice guidance, in the form of consultations, to various development teams and business stakeholders. The individual is also responsible for championing security through the design and delivery of integrated solution architectures.
This role leads by example by performing all the Application Security team responsibilities and providing training opportunities for other team members. As a technical lead in the Application Security Assessment team, this role must effectively communicate with Clients' technology, business, and third-party partners.
Principal Accountabilities
- Lead by example and independently perform all functions and services of the GIS AppSec team.
- Conduct advanced web application, micro-services, API, and cloud penetration tests of proprietary and 3rd party on-prem/cloud systems and applications.
- Perform targeted manual security reviews at key points in the software development life cycle.
- Perform peer reviews of assessment reports and provide constructive guidance to team members.
- Train others on tools and processes used in AppSec methodology.
- Provide technical guidance to team members and other stakeholders (e.g. development teams, project teams, business stakeholders).
- Provide input for strategic visioning/planning.
- Identify the need and develop new security standards and reference architectures.
- Identify metrics that can help measure performance, gaps in coverage, need for headcount, and trends in findings.
- Identify and document process improvements influence team and management support and prioritize changes.
- Establish yourself as a recognized technical expert within the team.
- Have an interest in continuing your education and training and staying current within the application security domain.
Requirements
- 12+ years' experience performing security assessments of a wide variety of systems, applications, and technologies which include both proprietary and industry-standard protocols.
- Expert knowledge and experience performing manual security reviews of application source code for security vulnerabilities written in various languages including Java, .Net (C#, VB#), C++, *.
- Expert level skills with application security testing tools including Burp Suite Pro, Kali, Checkmarx, sqlmap, nmap, Wireshark, etc.
- Expert knowledge of the Open Web Application Security Project (OWASP) Top 10 vulnerabilities most critical web vulnerabilities and how to identify and remediate them.
- Advanced knowledge of application reverse engineering and using tools such as: Java decompilers, .Net decompilers, IDAPro, etc.
- Advanced knowledge of UNIX/Linux/Windows.
- Advanced knowledge with scripting languages such as: Python, bash, Powershell, etc.
- Experience with drafting of Security Standards, Reference Architectures, and Secure Technical Implementation Guidelines.
- Have a passion for application security testing and be able to share your passion and learnings with teammates and customers.
- Self-motivated and a self-starter (If you have a question, find the answer, ask somebody, figure it out, and communicate).
- Excellent Oral and Written communication skills.
Nice to have
- Certifications such as GWAPT, eWPTx, OSCP, OSWE, CISSP, or other relevant certifications are highly preferred.
Education
A Bachelor's or Master's degree in Computer Science, Information Systems or other related discipline is required; or an equivalent combination of education and relevant proven work experience.
-
Security Officer Lead
1 month ago
Chicago, United States P4 Security Solutions Full timeSecurity Officer Lead - Ensuring the team is executing security services. - Execute security services including (CCTV). - Conducting walking patrols of building/ facility and/or vehicular patrols, depending on the work site. - Identifying and reporting security threats, unsafe conditions, or hazards, and/or other emergency situations. - Writing detailed...
-
Lead Application Security Engineer
1 week ago
Chicago, United States Informatic Technologies Full timeJob Title: Lead Security Engineer-Application SecurityJob Location: Chicago, ILJob Type: Full TimeThe Lead Security Engineer Application Security is responsible for performing advanced manual security assessments on applications and systems that require specialized knowledge and providing detailed written reports to key business stakeholders (management, and...
-
Lead Security Engineer
1 week ago
Chicago, United States Informatic Technologies Full timeThe Lead Security Engineer Application Security is responsible for performing advanced manual security assessments on applications and systems that require specialized knowledge and providing detailed written reports to key business stakeholders (management, and development teams). Additionally, the individual will provide application design support and...
-
Lead Security Engineer
10 hours ago
Chicago, United States Diverse Lynx Full timeJob Profile : Lead Security Engineer Job Location : Chicago, IL ( Only local candidate ) Type- Contract ( C2C/W2 ) Duration- Long term contract Lead Identity centric Workforce Security solutions team to develop authentication and access management solutions • Drive the development of identity solutions, access patterns, modern security protocols,...
-
Lead Security Engineer
1 week ago
Chicago, United States Informatic Technologies Full timeThe Lead Security Engineer Application Security is responsible for performing advanced manual security assessments on applications and systems that require specialized knowledge and providing detailed written reports to key business stakeholders (management, and development teams). Learn more about the general tasks related to this opportunity below, as well...
-
Lead Security Engineer
2 weeks ago
Chicago, United States Informatic Technologies Full timeThe Lead Security Engineer Application Security is responsible for performing advanced manual security assessments on applications and systems that require specialized knowledge and providing detailed written reports to key business stakeholders (management, and development teams). Additionally, the individual will provide application design support and...
-
Lead Security Engineer
2 weeks ago
Chicago, United States Informatic Technologies, Inc. Full timeThe Lead Security Engineer Application Security is responsible for performing advanced manual security assessments on applications and systems that require specialized knowledge and providing detailed written reports to key business stakeholders (management, and development teams).Additionally, the individual will provide application design support and...
-
Lead Security Engineer
7 days ago
Chicago, United States CME Group Full timeDescription Role Overview The Lead Security Engineer Application Security is responsible for performing advanced manual security assessments on applications and systems that require specialized knowledge, and provide detailed written reports to key business stakeholders (management, development teams). Additionally, the individual will provide application...
-
Lead Security Engineer
1 month ago
Chicago, United States Chicago Mercantile Exchange Inc. Full timeDescription Role Overview The Lead Security Engineer Application Security is responsible for performing advanced manual security assessments on applications and systems that require specialized knowledge, and provide detailed written reports to key business stakeholders (management, development teams). Additionally, the individual will provide application...
-
Lead Security Engineer
1 month ago
Chicago, United States CME Group Full timeDescription Role Overview The Lead Security Engineer Application Security is responsible for performing advanced manual security assessments on applications and systems that require specialized knowledge, and provide detailed written reports to key business stakeholders (management, development teams). Additionally, the individual will provide application...
-
Lead Application Security Engineer
7 days ago
Chicago, United States Informatic Technologies Full timeThe Lead Security Engineer Application Security is responsible for performing advanced manual security assessments on applications and systems that require specialized knowledge and providing detailed written reports to key business stakeholders (management, and development teams). Learn more about the general tasks related to this opportunity below, as...
-
Lead Software Engineer
4 weeks ago
Chicago, Illinois, United States Center for Research in Security Prices (CRSP) Full timeAbout UsCRSP is a leader in providing research-quality data to scholars and investors, advancing the body of knowledge in finance, economics, and related disciplines for over 60 years. Nearly 500 leading academic institutions in 35 countries around the world rely on CRSP data for quality and timely academic securities research.Current projects include...
-
Lead Security Engineer
1 month ago
Chicago, IL, United States CME Group Full timeDescription Role Overview The Lead Security Engineer Application Security is responsible for performing advanced manual security assessments on applications and systems that require specialized knowledge, and provide detailed written reports to key business stakeholders (management, development teams). Additionally, the individual will provide application...
-
Lead Cyber Security Engineer
6 hours ago
Chicago, United States CME Group Full timeApplications processed via employer's online application form As the world's leading and most diverse derivatives marketplace, CME Group (www.cmegroup... Lead Cyber Security Engineer - Threat Simulation We are looking for a Lead Cyber Security Engineer - Threat Simulation to be an integral part of our Offensive Security organization and contribute towards...
-
Principal Security Engineer
4 weeks ago
Chicago, United States Glocomms Full timePrincipal Security EngineerLocation: Chicago or Dallas (hybrid, 3-days on-site)Glocomms are partnered with a leading Financial Services firm in the search for a technically hands-on Principal Security Engineer to join a new division within the organization focusing on technology strategy and innovation. The new division has been founded to research new and...
-
Principal Security Engineer
4 weeks ago
Chicago, United States Glocomms Full timePrincipal Security EngineerLocation: Chicago or Dallas (hybrid, 3-days on-site)Glocomms are partnered with a leading Financial Services firm in the search for a technically hands-on Principal Security Engineer to join a new division within the organization focusing on technology strategy and innovation. The new division has been founded to research new and...
-
Senior Security Engineer
1 month ago
Chicago, United States Bank of America Full timeDescription : The Information Security Engineer will lead strategic security efforts to expand technology offerings within the Merchant and Small Business technology portfolio. This role will work across various security and technology teams to define, drive, and deliver major security components to meet program objectives. Knowledge and experience...
-
Principal Security Engineer
1 week ago
Chicago, United States Phaidon International Full timePrincipal Security EngineerLocation: Chicago or Dallas (hybrid, 3-days on-site) Glocomms are partnered with a leading Financial Services firm in the search for a technically hands-on Principal Security Engineer to join a new division within the organization focusing on technology strategy and innovation. The new division has been founded to research new and...
-
Lead Technician
1 week ago
Chicago, United States Security 101 Full timeJob DescriptionJob DescriptionSecurity 101 – Chicago is now recruiting a Lead Commercial Security Technician that has experience installing commercial electronic security devices primarily IP network systems and overall security systems. Salary Hourly wage varies from $35.00 to $42.00, non-exempt, commensurate with skills, product knowledge and experience....
-
Group Lead, Network Engineering
7 days ago
Chicago, United States The Kraft Heinz Company Full timeThe Lead, Network Engineering ensures Network solutions are stable, reliable, and secure. This role is responsible for end-to-end management and delivery of Network engineering projects solutioning. What's on the menu? Demonstrated understanding of a Network Engineer, Network, Engineer, Lead, Manufacturing, Technology