Application Security Engineer (27127)
About The Position
LRS has prospered for over 30 years because our corporate philosophy embraces honest, ethical and hard-working people. If that describes your approach to IT consulting, we need to talk! LRS Consulting Services is seeking an experienced Application Security Engineer for a direct hire opportunity (with remote work options) with our financial client in downtown Chicago, IL! LRS Consulting Services has been delivering the highest quality consultants to our clients since 1979. We've built a solid reputation for dealing with our clients and our consultants with honesty, integrity, and respect. We work hard every day to maintain that reputation, and we're very interested in candidates who can help us. If you're that candidate, this opportunity is made for you!
Requirements
- Bachelor's degree in computer science or a related field
- 4 years of experience executing application security testing methodologies (e.g., SAST, SCA, DAST, etc.)
- Strong understanding of security frameworks, best practices, and common vulnerabilities (e.g., NIST, OWASP Top 10)
- Experience with intrusion detection systems and vulnerability scanners
- Experience integrating security tools and processes into the DevOps pipeline
- Background in modern software development technologies (pref., MS .NET, C#, T-SQL, React, JavaScript, etc.)
- Experience with most/all of the following: Cloud, Access Control, DevOps, and Containerization technologies (pref., Azure, including Entra External ID, cloud-native microservices, Kubernetes, and Docker)
- Candidates must have permanent authorization to work in the USA for any employer
- Corp to Corp candidates will not be considered
Nice To Haves
- Relevant certifications such as CISSP, CSSLP, OSCP, CEH, or Azure Security Engineer Associate a plus
- Experience using AI tools to accelerate or improve software development processes and the risks of using generative AI or machine learning a plus
Responsibilities
- Collaborate with developers and operations teams to anticipate security vulnerabilities, proactively assess and identify potential risks, develop mitigation strategies, and ensure that security measures are incorporated throughout the entire application development process
- Lead application security reviews and threat modeling efforts, including code reviews, dynamic testing, penetration testing, hacker simulations, and reviewing applications against OWASP Top 10
- Integrate security tools and processes into the DevOps pipeline to automate security checks and scans to identify and fix vulnerabilities early in the development process
- Establish and maintain secure coding standards and best practices and provide guidance and training to development teams
- Collaborate with development, DevOps, and IT teams to ensure that security measures are implemented in production environments
- Help manage security incident response and recovery processes, including impact assessment, remediation, root cause analysis, and preventative measures
- Define, develop, and present key application security metrics, identify critical issues proactively, and communicate them effectively to stakeholders.
- Ensure compliance with relevant security regulations and standards, especially those relevant to banking and finance
- Stay current with the latest security threats, trends, and countermeasures to ensure that the organization's applications are always protected
- Other duties as assigned
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
Industry
Professional, Scientific, and Technical Services
Number of Employees
501-1,000 employees
