Senior Application Security Engineer

Overview

Exciting opportunity for a Senior App Sec Specialist for a Hybrid role in downtown Chicago. This role is with a company that has made it their mission to help everyday Americans escape the endless cycle of crippling debt and step into a brighter financial future. They are searching for an individual to join their Security team and help them get to the next level.

As their Senior Application Security Engineer, you will be the primary owner and driver of the application security program. You ll work hands-on with engineering teams to embed secure development practices, improve tooling and automation, and guide security considerations for new features, architectures, and services. This is a high-impact role where you ll shape the future of App Sec at a company that values security as a core part of product quality.

• 3–7+ years of experience in Application Security, Product Security, or related software engineering roles
• Strong understanding of secure coding practices, common vulnerabilities (OWASP Top 10), and modern SDLC
• Experience working with cloud-native applications, ideally in AWS
• Understanding of SSL certificates & cryptographic key management
• Hands-on experience with SAST, DAST, WAFs, and/or mobile application security tools
• Ability to partner effectively with developers and influence secure design decisions
• Familiarity with Git Hub-based workflows and CI/CD pipelines

• Software development background (Ruby on Rails experience strongly preferred)
• Experience with mobile app security (React Native)
• Terraform or Infrastructure as Code (IaC) experience
• Experience with enterprise security tooling (Git Hub Advanced Security, Invicti, Hadrian, App Dome, Cloudflare WAF)
• Experience configuring and managing security tools, not just consuming their output
• Strong communication skills with ability to train and educate development teams

• Ruby on Rails web applications
• React Native mobile applications
• AWS cloud infrastructure (ECS, IAM, networking)
• Git Hub-based CI/CD pipelines
• Security tooling:
  Git Hub Advanced Security, Invicti (DAST), Hadrian (ASM), App Dome, Cloudflare WAF

• 70% Hands-On Technical Work (tooling configuration, security reviews, automation, vulnerability triage)
• 30% Collaboration & Training (partnering with development teams, security guidance, developer enablement)

• Own and evolve the application security program, working as a single contributor reporting to the IT Director
• Configure, manage, and optimize security tools—not just consume their findings but truly own the tooling
• Partner directly with product development teams (5-person security team, but you ll build relationships across engineering)
• Help developers understand and remediate security findings through collaboration, not just ticketing
• Integrate security into CI/CD pipelines and development workflows
• Provide security training and guidance to development teams on secure coding practices
• Collaborate with Dev Ops on AWS infrastructure security and hardening efforts

• Hybrid schedule: 2 days per week in office (Monday & Wednesday)
• Location:
  
  Chicago, IL
• High-impact role at a successful, rapidly growing company
• Leadership that enthusiastically supports security with deep pockets for best-in-class tooling
• High exposure to building a world-class security program from the ground up

• Medical, Dental, and Vision Insurance
• Vacation Time
• Stock Options

Applicants must be currently authorized to work in the US on a full-time basis now and in the future.

Posted By: Kylie Lenz