Alliant Credit Union
Join to apply for the
Application Security Engineer
role at
Alliant Credit Union Join to apply for the
Application Security Engineer
role at
Alliant Credit Union The Application Security Engineer will be responsible for validating application services that are designed and implemented with high security standards. Analyze the security (Red - Offense) of applications in tandem with their underlying services, including connected dependencies such as middle-tier systems and databases. Address legacy and emerging security issues, and implements repeatable secure development practices to reduce the introduction of program design flaws that may lead to exploitation. This role also includes hands-on coding responsibilities to remediate vulnerabilities directly within development teams. Communicate with technical and leadership teams to ensure a focus on risk mitigation to allow for business continuity. Assess applications for weaknesses and find resolutions before they can be abused and the security of applications for business-to-business initiatives, third-party relationships, outsourced solutions and vendors. Recommend programmatic controls, and monitor and manage secure development practices to address modern day issues. The ideal candidate will have experience developing and maintaining Web APIs using MuleSoft, including hands-on coding in DataWeave for data transformation and integration across cloud environments.
Responsibilities
Actively participate in development teams, implementing code fixes for AppSec vulnerabilities, spending a portion of time writing and reviewing remediation code to ensure secure and resilient applications. Perform vulnerability and penetration testing (Red - Offense), document security findings and focus on automation to aid inefficiencies with both testing and remediation of findings. Collaborate with developers to provide repetitive validation testing prior to production while allowing for a continuous cycle of development followed by application security assessments. Monitor the security community for public-facing security issues, as well as learn new tactics that can be used in testing. Collaborate in application projects and change management committees. Understand what is coming and how their projects can be more secure from the start. Follow a security review process to ensure an automated and repeatable process is managed. This can be through the use of dynamic and static code analysis resources. Use security standards, implementation configurations and common security frameworks to prepare for and manage bug bounty programs. Document delivery and implementation advances that meet defined service-level agreements (SLAs) and business metrics. Align with architects and development teams for a mission of secure design. Train developers and junior application security engineers on secure coding practices. Participate and lead security team meetings that facilitate secure design. Engage in information security projects that evaluate existing security infrastructure and propose changes as defined by security leadership and architects. Focus on application security that observes compliance such as Health Information Portability and Accountability Act (HIPAA), Gramm-Leach-Bliley Act (GLBA), Payment Card Industry (PCI), Sarbanes-Oxley Act (SOX), etc. – and privacy laws. Conduct performance testing to stress the limitations of security solutions while ensuring business innovation and day-to-day processes are not negatively impacted. Candidate will be completing hands-on software development using C#/.NET, full Microsoft stack, and JavaScript, with a focus on identifying and replacing vulnerable third-party libraries flagged by Software Composition Analysis (SCA) tools. The candidate will use their deep understanding of secure design principles and best practices for remediating OWASP Top Ten vulnerabilities through hands-on coding and architectural improvements.
Education
Bachelors Degree - Computer Science or related - Minimum Graduate Degree - Computer Science or related - Preferred
Years Of Experience
3 Years - Cybersecurity, application programming, compliance, risk management, network security engineering, threat modeling applications or related - Minimum
In Lieu Of Education
6 years - Cybersecurity, application programming, compliance, risk management, network security engineering, threat modeling applications or related
License/Certifications/Training
Preferred: Security certifications GWAPT, CISSP, OSCP, or other similar
Compensation & Benefits
Typical hiring range:
$113,000 - $159,550 Annually. Actual compensation will be determined using factors such as experience, skills & knowledge.
Additional Compensation:
Annual performance bonus
Benefits:
Alliant provides a benefits package including health care, vision, dental, and 401k with employer match.
Additional Benefits
Work from home up to 3 days a week Paid parental leave Employee discount programs Time off including paid personal and sick days 11 paid holidays Education reimbursement Note that eligibility and cost of benefits can vary depending on the number of regularly scheduled hours, and job status such as regular full-time, regular part-time, or temporary employment.
Adhere to and ensure compliance of all business transactions with policy and process of the Bank Secrecy Act. Ensures compliance with all applicable state and federal laws, company procedures and policies. Maintains integrity and ethics in all actions and conversations with or regarding credit union members and their accounts; complies with Privacy Act directives.
The responsibilities listed do not contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this position. Duties, responsibilities and activities may change at any time with or without notice. Seniority level
Seniority level Mid-Senior level Employment type
Employment type Full-time Job function
Job function Information Technology Referrals increase your chances of interviewing at Alliant Credit Union by 2x Get notified about new Application Security Engineer jobs in
Chicago, IL . Chicago, IL $71,250.00-$118,750.00 1 hour ago Chicago, IL $114,500.00-$194,700.00 1 week ago Chicago, IL $110,000.00-$140,000.00 1 week ago Chicago, IL $138,400.00-$173,000.00 1 week ago Application Security & Red Team - Lead Engineer, Information Security
Chicago, IL $120,000.00-$145,000.00 6 days ago Oak Brook, IL $115,000.00-$150,000.00 2 weeks ago Chicago, IL $200,000.00-$221,000.00 2 months ago Senior QA Engineer, Secure Remote Access Testing
Discovery IT System Administrator (Top Secret Clearance Required)
Chicago, IL $124,895.40-$169,500.90 2 weeks ago Senior Staff Application Security Engineer
Chicago, IL $107,250.00-$178,750.00 1 week ago Deerfield, IL $106,558.00-$150,200.00 13 hours ago Chicago, IL $123,274.67-$167,301.34 3 weeks ago Senior Discovery IT System Administrator (Top Secret Clearance Required)
Chicago, IL $160,579.80-$231,948.60 1 month ago Senior Application Security Engineer (Bangkok based, relocation provided)
Senior/Staff Application Security Engineer (Bangkok based, relocation provided)
AppSec Solutions Engineer (Remote, Chicago)
Chicago, IL $100,000.00-$130,000.00 2 weeks ago Chicago, IL $110,000.00-$130,000.00 5 hours ago Senior Backend Engineer (Content, Security & Trust)
Glenview, IL $133,000.00-$147,000.00 2 weeks ago Chicago, IL $118,700.00-$218,600.00 2 weeks ago Chicago, IL $119,935.00-$141,100.00 4 days ago Chicago, IL $78,960.00-$167,180.00 2 weeks ago Chicago, IL $103,320.00-$235,170.00 2 weeks ago We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.
#J-18808-Ljbffr
Application Security Engineer
role at
Alliant Credit Union Join to apply for the
Application Security Engineer
role at
Alliant Credit Union The Application Security Engineer will be responsible for validating application services that are designed and implemented with high security standards. Analyze the security (Red - Offense) of applications in tandem with their underlying services, including connected dependencies such as middle-tier systems and databases. Address legacy and emerging security issues, and implements repeatable secure development practices to reduce the introduction of program design flaws that may lead to exploitation. This role also includes hands-on coding responsibilities to remediate vulnerabilities directly within development teams. Communicate with technical and leadership teams to ensure a focus on risk mitigation to allow for business continuity. Assess applications for weaknesses and find resolutions before they can be abused and the security of applications for business-to-business initiatives, third-party relationships, outsourced solutions and vendors. Recommend programmatic controls, and monitor and manage secure development practices to address modern day issues. The ideal candidate will have experience developing and maintaining Web APIs using MuleSoft, including hands-on coding in DataWeave for data transformation and integration across cloud environments.
Responsibilities
Actively participate in development teams, implementing code fixes for AppSec vulnerabilities, spending a portion of time writing and reviewing remediation code to ensure secure and resilient applications. Perform vulnerability and penetration testing (Red - Offense), document security findings and focus on automation to aid inefficiencies with both testing and remediation of findings. Collaborate with developers to provide repetitive validation testing prior to production while allowing for a continuous cycle of development followed by application security assessments. Monitor the security community for public-facing security issues, as well as learn new tactics that can be used in testing. Collaborate in application projects and change management committees. Understand what is coming and how their projects can be more secure from the start. Follow a security review process to ensure an automated and repeatable process is managed. This can be through the use of dynamic and static code analysis resources. Use security standards, implementation configurations and common security frameworks to prepare for and manage bug bounty programs. Document delivery and implementation advances that meet defined service-level agreements (SLAs) and business metrics. Align with architects and development teams for a mission of secure design. Train developers and junior application security engineers on secure coding practices. Participate and lead security team meetings that facilitate secure design. Engage in information security projects that evaluate existing security infrastructure and propose changes as defined by security leadership and architects. Focus on application security that observes compliance such as Health Information Portability and Accountability Act (HIPAA), Gramm-Leach-Bliley Act (GLBA), Payment Card Industry (PCI), Sarbanes-Oxley Act (SOX), etc. – and privacy laws. Conduct performance testing to stress the limitations of security solutions while ensuring business innovation and day-to-day processes are not negatively impacted. Candidate will be completing hands-on software development using C#/.NET, full Microsoft stack, and JavaScript, with a focus on identifying and replacing vulnerable third-party libraries flagged by Software Composition Analysis (SCA) tools. The candidate will use their deep understanding of secure design principles and best practices for remediating OWASP Top Ten vulnerabilities through hands-on coding and architectural improvements.
Education
Bachelors Degree - Computer Science or related - Minimum Graduate Degree - Computer Science or related - Preferred
Years Of Experience
3 Years - Cybersecurity, application programming, compliance, risk management, network security engineering, threat modeling applications or related - Minimum
In Lieu Of Education
6 years - Cybersecurity, application programming, compliance, risk management, network security engineering, threat modeling applications or related
License/Certifications/Training
Preferred: Security certifications GWAPT, CISSP, OSCP, or other similar
Compensation & Benefits
Typical hiring range:
$113,000 - $159,550 Annually. Actual compensation will be determined using factors such as experience, skills & knowledge.
Additional Compensation:
Annual performance bonus
Benefits:
Alliant provides a benefits package including health care, vision, dental, and 401k with employer match.
Additional Benefits
Work from home up to 3 days a week Paid parental leave Employee discount programs Time off including paid personal and sick days 11 paid holidays Education reimbursement Note that eligibility and cost of benefits can vary depending on the number of regularly scheduled hours, and job status such as regular full-time, regular part-time, or temporary employment.
Adhere to and ensure compliance of all business transactions with policy and process of the Bank Secrecy Act. Ensures compliance with all applicable state and federal laws, company procedures and policies. Maintains integrity and ethics in all actions and conversations with or regarding credit union members and their accounts; complies with Privacy Act directives.
The responsibilities listed do not contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this position. Duties, responsibilities and activities may change at any time with or without notice. Seniority level
Seniority level Mid-Senior level Employment type
Employment type Full-time Job function
Job function Information Technology Referrals increase your chances of interviewing at Alliant Credit Union by 2x Get notified about new Application Security Engineer jobs in
Chicago, IL . Chicago, IL $71,250.00-$118,750.00 1 hour ago Chicago, IL $114,500.00-$194,700.00 1 week ago Chicago, IL $110,000.00-$140,000.00 1 week ago Chicago, IL $138,400.00-$173,000.00 1 week ago Application Security & Red Team - Lead Engineer, Information Security
Chicago, IL $120,000.00-$145,000.00 6 days ago Oak Brook, IL $115,000.00-$150,000.00 2 weeks ago Chicago, IL $200,000.00-$221,000.00 2 months ago Senior QA Engineer, Secure Remote Access Testing
Discovery IT System Administrator (Top Secret Clearance Required)
Chicago, IL $124,895.40-$169,500.90 2 weeks ago Senior Staff Application Security Engineer
Chicago, IL $107,250.00-$178,750.00 1 week ago Deerfield, IL $106,558.00-$150,200.00 13 hours ago Chicago, IL $123,274.67-$167,301.34 3 weeks ago Senior Discovery IT System Administrator (Top Secret Clearance Required)
Chicago, IL $160,579.80-$231,948.60 1 month ago Senior Application Security Engineer (Bangkok based, relocation provided)
Senior/Staff Application Security Engineer (Bangkok based, relocation provided)
AppSec Solutions Engineer (Remote, Chicago)
Chicago, IL $100,000.00-$130,000.00 2 weeks ago Chicago, IL $110,000.00-$130,000.00 5 hours ago Senior Backend Engineer (Content, Security & Trust)
Glenview, IL $133,000.00-$147,000.00 2 weeks ago Chicago, IL $118,700.00-$218,600.00 2 weeks ago Chicago, IL $119,935.00-$141,100.00 4 days ago Chicago, IL $78,960.00-$167,180.00 2 weeks ago Chicago, IL $103,320.00-$235,170.00 2 weeks ago We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.
#J-18808-Ljbffr