Application Security Engineer

Sprout General Referrals
5h · Remote

About The Position

Sprout Social is looking to hire an Application Security Engineer to the Security team.

Why join Sprout’s Security team?

Security sits at the intersection of empowering teams to move quickly and mitigating risks to our overall business. We are enablers who strive to hone our unique craft and minimize friction or red tape. Our security team ensures that we are designing platforms, implementing tools and building products with security in mind. This team owns the security posture of our entire organization, including our development, production environments, and internal concerns. As a part of this team, you are given the space and encouraged to stretch beyond your core function and make a deeper impact on the broader organization. In short, the work you do here matters, and you feel that day in and day out.

What you’ll do

  • Use SAST, DAST, SCA and Secrets Detection tooling to find vulnerabilities as part of security hygiene and integrated into CI/CD pipelines
  • Ensure that we are designing platforms, implementing tools and building products with security in mind.
  • Serve as trusted advisor and collaborator to developers to identify new threats, attack methods, and techniques, to develop and prioritize mitigation plans (threat modeling & governance)
  • Influence stakeholders to correct security deficiencies in solution design as well as developed code
  • Collaborate with partners in infrastructure and engineering to measurably harden, monitor, and ensure resilience for our cloud-hosted platforms and software development lifecycle.
  • Participate in cross-organizational security projects and work to continuously improve our security posture
  • Integrate with a maturing vulnerability management program to ensure tracking and remediation of security issues.

What you’ll bring

We’re looking for an engineer with passion for working collaboratively with developers and a desire to ensure that software applications are built with the highest level of security.
If you're ready to join a dynamic team of developers and security experts, and help create software that is secure from the ground up, we’d love to talk with you!

Requirements

  • 2+ years of programming, scripting and/or DevOps experience and 3+ years of information security experience
  • Experience performing security testing of an application using Static Application Security testing (SAST), Dynamic Application Security Testing (DAST) and Software Composition Analysis (SCA) tooling.
  • Experience in reviewing findings from the above tools to analyze false positives and recommend security fixes.
  • Demonstrated comprehension of the OWASP Top 10 and an ability to communicate with developers and application architects.

Nice To Haves

  • Information security qualification such as CISSP
  • GIAC or related certifications in application pen testing or secure development
  • Experience with threat modeling and familiarity with using frameworks to guide decision making based on risk tolerance and business objectives
  • Experience in security AI development tooling (Claude Code, Copilot, Cursor, MCP)
  • Experience in securing Agentic AI features within an application/product
  • Experience with technology/tools such as Kubernetes, Docker, Jenkins, Terraform, AWS, GitHub, etc.
  • Experience automating security testing into CI/CD pipelines

Benefits

  • Comprehensive Health & Wellness: Premium BCBSIL medical, dental (high/low plans), and vision (Eyemed) insurance for you and your eligible dependents.
  • Premium Mental Health Support: Full, free access to Modern Health for you and your dependents, including coaching, therapy sessions, and digital wellness resources.
  • Retirement Savings: 401(k) plan with a 50% company match on your first 6% of contributions (a 3% total match).
  • Financial Security: 100% employer-paid Life and Disability insurance for your peace of mind.
  • Flexible Paid Time Off: A flexible PTO policy, supplemented with additional company-wide Rest & Recharge days throughout the year.
  • Paid Parental Leave: Up to 16 weeks of paid leave for new parents to support you in expanding your family.
  • Annual Lifestyle Stipend: A $1,000 USD annual Lifestyle Spending Account to spend on your physical, mental, and financial well-being.
  • Work From Home Support: A one-time $550 USD stipend to set up your home office, plus a monthly $50 USD stipend for internet.
  • Giving Back: 16 hours of paid volunteer time annually, plus a $100 annual match for your charitable donations.
  • Additional Financial Perks: Access to pre-tax commuter benefits, subsidized child/eldercare (Care.com), discounted pet insurance (Figo), and no-cost personalized financial wellness support through Your Money Line.