Senior Staff Application Security Engineer

PUBLICIS GROUPE•Chicago, IL

54d•$107,250 - $178,750

About The Position

You will help to ensure the secure delivery of Epsilon's software applications by designing and implementing secure coding practices, conducting advanced security testing through application security platforms, and collaborating with development teams to ensure security is integrated throughout the development lifecycle. You will be a core member of the application security team as a contributor in the areas of secure software architecture and design, web application vulnerability and remediation, and a variety of tools used in secure development and testing. You will provide support, guiding and advising multiple development teams to develop secure applications and services in accordance with the established application security policies and standards. Finally, you will be responsible for recommending and guiding the implementation of modifications and enhancements to ensure the organization is evolving with the threat landscape. By continuously improving and expanding our security platforms and fostering strong collaborative relationships, you will create a more secure, efficient, and proactive development environment, ultimately ensuring the integrity and safety of Epsilon's software applications.

Requirements

Minimum of 5 years of experience in related fields
Direct experience in software development
Direct experience with at least one or more CI/CD platforms
Direct experience with application testing (e.g., SAST, DAST, MAST, RAST, IAST)
Direct experience in application vulnerability management processes
Working knowledge of current software development methodologies
Working knowledge of OWASP Top 10 and CWE 25
Working knowledge of programming languages and scripting
Working knowledge of software design lifecycle
Working knowledge of web and app security stack (e.g., API security)
Working knowledge of cloud security concepts and technologies
Working knowledge of authentication and authorization flows in web applications
Strong understanding of threat modeling
Strong understanding of network security (e.g , WAF, Micro-segmentation)
Strong understanding of cryptography topics

Nice To Haves

Strong collaboration
interpersonal, collaborative, written and verbal communication skills
Excellent problem solving, critical thinking skills
Ability to work independently and self-motivate
BS / MS in Computer Science or similar degree

Responsibilities

Perform code analysis of applications, manually and through application security testing solutions, to identify vulnerabilities.
Provide context and rationalization for identified vulnerabilities.
Review and recommend remediation actions for identified vulnerabilities.
Drive and support security architecture design reviews and threat modeling of our products.
Improve the accessibility of security through automation, vulnerability exception processing, embedding secure practices within continuous integration pipelines, and other related activities.
Build trust relationships with teams to effectively achieve security goals.
Drive cross-disciplinary initiatives to improve the security of our engineering ecosystem and products.
Contribute to relevant security standards, processes, and other formal documentation.
Work with teams to ensure understanding and compliance with relevant security policies, standards, and guidelines.
Assist in onboarding new teams and applications to security platforms.

Benefits

Flexible time off (FTO), 15 paid holidays
Paid sick time
Parental/new child leave, childcare & elder care assistance, adoption assistance
Comprehensive health coverage, 401(k), tuition assistance, commuter benefits, professional development, employee recognition, charitable donation matching, health coaching and counseling

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume