AdTechTalent
Engineering · 4 days ago · Hybrid

Epsilon

Advisor, Application Security Engineer

application security, secure coding, vulnerability management, security testing, threat modeling, CI/CD, OWASP, cryptography, network security, cloud security, software development, security architecture, automation, SAST, DAST

Key details

Salary

$100K – $186K

Employment type

Full-time

Seniority

Senior

Years experience

10+

Location

Chicago, United States

Full job description

The role involves ensuring secure delivery of software applications by designing and implementing secure coding practices, conducting advanced security testing, and collaborating with development teams to integrate security throughout the development lifecycle.

Responsibilities include performing code analysis to identify vulnerabilities, recommending remediation, supporting security architecture design reviews and threat modeling, improving security accessibility through automation and CI pipelines, building trust with teams, driving security initiatives, contributing to security standards and documentation, ensuring compliance with security policies, and assisting onboarding to security platforms.

Requirements include a BS/MS in Computer Science or similar, 10+ years of relevant experience, software development experience, knowledge of CI/CD platforms, application security testing tools (SAST, DAST, MAST, RAST, IAST), vulnerability management, software development methodologies, OWASP Top 10, CWE 25, programming and scripting, software design lifecycle, web and app security, cloud security, authentication and authorization, threat modeling, network security, and cryptography. Strong collaboration, communication, problem solving, and independent work skills are required.

The position is full-time, on-site in Chicago, Illinois. Salary range is $100,000 to $185,600 annually. Benefits include flexible time off, paid holidays and sick time, parental leave, childcare and elder care assistance, adoption assistance, health coverage, 401(k), tuition assistance, commuter benefits, professional development, employee recognition, charitable donation matching, and health coaching.

What you'll do

  • Perform code analysis of applications, manually and through application security testing solutions, to identify vulnerabilities
  • Provide context and rationalization for identified vulnerabilities
  • Review and recommend remediation actions for identified vulnerabilities
  • Drive and support security architecture design reviews and threat modeling of products
  • Improve accessibility of security through automation, vulnerability exception processing, and embedding secure practices within CI pipelines
  • Build trust relationships with teams to achieve security goals
  • Drive cross-disciplinary initiatives to improve security of engineering ecosystem and products
  • Contribute to relevant security standards, processes, and documentation
  • Collaborate with teams to ensure understanding and compliance with security policies, standards, and best practices
  • Assist in onboarding new teams and applications to security platforms

Requirements

  • BS / MS in Computer Science or similar degree
  • Minimum of 10 years of experience in related fields
  • Direct experience in software development
  • Direct experience with at least one CI/CD platform
  • Direct experience with application testing (e.g., SAST, DAST, MAST, RAST, IAST)
  • Direct experience in application vulnerability management processes
  • Working knowledge of current software development methodologies
  • Working knowledge of OWASP Top 10 and CWE 25
  • Working knowledge of programming languages and scripting
  • Working knowledge of software design lifecycle
  • Working knowledge of web and app security stack (e.g., API security)
  • Working knowledge of cloud security concepts and technologies
  • Working knowledge of authentication and authorization flows in web applications
  • Strong understanding of threat modeling
  • Strong understanding of network security (e.g., WAF, Micro-segmentation)
  • Strong understanding of cryptography topics
  • Strong collaboration and interpersonal skills
  • Excellent problem solving and critical thinking skills
  • Ability to work independently and self-motivate

Tech stack

SAST, DAST, MAST, RAST, IAST, CI/CD platforms, OWASP Top 10, CWE 25, programming languages, scripting, API security, cloud security, authentication and authorization, threat modeling, network security, WAF, Micro-segmentation, cryptography

Benefits

  • Flexible time off (FTO)
  • 15 paid holidays
  • Paid sick time
  • Parental/new child leave
  • Childcare & elder care assistance
  • Adoption assistance
  • Comprehensive health coverage
  • 401(k)
  • Tuition assistance
  • Commuter benefits
  • Professional development
  • Employee recognition
  • Charitable donation matching
  • Health coaching and counseling
