Senior Information Security Engineer – Applications

Faegre DrinkerIndianapolis, IN
19h$120,000 - $130,000

About The Position

Faegre Drinker has an opportunity for a Senior Information Security Engineer – Applications to work with our Technology, Information Security & Information Governance team in our Chicago, Denver, Florham Park, downtown Indianapolis, Minneapolis, Philadelphia, Princeton, Washington, D.C. or Wilmington offices. You will be part of a dynamic team responsible for ensuring that firm applications and services are designed, developed, and configured in a secure manner. This position will work with other talented individuals who share a passion for doing great work in the best interest of our clients.

Requirements

  • Ability to problem-solve
  • Excellent interpersonal, verbal and written communication skills, including the ability to communicate effectively in a virtual environment (e.g., via phone, web/videoconference)
  • Ability to concentrate on tasks, make decisions and work calmly and effectively in a high-pressure, deadline-orientated environment
  • Demonstrated ability to use good judgment in taking initiative while asking for direction or clarification and consulting others, as appropriate
  • Willingness to be flexible with time and adjust to a changing work environment
  • Ability to build and maintain positive relationships, both internally and externally, while maintaining a client service orientation
  • Ability to use sound judgment and discretion in dealing with highly confidential information
  • Ability to take direction and accept supervision
  • Demonstrated ability to work independently, organize and accurately prioritize work, be detail-oriented, understand when urgency is required and use good judgment in varied situations
  • Ability to work effectively with co-workers in a team oriented collaborative environment
  • Bachelor’s degree in Information Technology, Computer Science, Cybersecurity, or a related field, or equivalent combination of education and relevant experience.
  • Minimum of eight (8) years of relevant experience in development, quality assurance, or information security technical roles.
  • Proven expertise in secure software development, including integration of security practices within the Software Development Life Cycle (SDLC).
  • Deep and broad knowledge of the SDLC, with experience delivering applications and services in Azure and hybrid environments.
  • Strong understanding of OWASP Top 10 vulnerabilities and secure coding principles.
  • Hands-on experience in multiple programming languages and conducting thorough code reviews.
  • Experience performing application-level penetration testing and vulnerability assessments.
  • Detailed technical knowledge of application, operating system, and network security.
  • Strong experience with network security, networking technologies, and system, security, and network monitoring tools.
  • Thorough understanding of current security principles, techniques, and protocols.
  • Ability to effectively communicate information security issues, risks, and recommendations to both technical and non-technical peers and stakeholders.

Nice To Haves

  • Relevant professional certifications (e.g., CISSP, CEH, or equivalent) and/or additional education or specialized training in secure software development are highly preferred.

Responsibilities

  • Leads comprehensive vulnerability and configuration assessments to ensure Azure and on-premises applications and services are secure and aligned with industry best practices.
  • Performs advanced risk and threat assessments for applications, identifying potential attack paths, misconfigurations, and development flaws.
  • Executes in-depth application-layer security assessments, including secure code reviews, static and dynamic testing, and vulnerability analysis.
  • Drives red teaming exercises, secrets management, and proactive identification of application security risks to strengthen defenses.
  • Provides consistent and proactive updates to the Director, delivering risk-based insights, potential impacts, and recommendations for timely mitigation.
  • Continuously evaluates downstream impacts of application changes and proactively advises leadership on implications, dependencies, and risk reduction strategies.
  • Collaborates with internal teams and external service providers to implement and enforce security best practices, ensuring robust application protection.
  • Serves as a key contributor to security event response as a member of the Security Incident Response Team, providing expert guidance on remediation and mitigation.
  • Maintains detailed documentation of assessments, findings, and remediation efforts to support metrics, reporting, and continuous improvement of application security programs.
  • Special projects and other duties as assigned

Benefits

  • Flexible working environment for work-life success
  • Opportunity to participate in firm-sponsored volunteer events
  • Wellness programming with personalized content and activities
  • Professional environment and the opportunity to work with experts at the top of their fields
  • Variety of health plan options, as well as dental, vision and 401(k) plans
  • Generous paid time off
© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service