LEVI, RAY & SHOUP, INC
Application Security Engineer (27127)
LEVI, RAY & SHOUP, INC, Chicago, Illinois, United States, 60290
Overview
Added Oct 28, 2025 • Application Security Engineer (27127) Chicago, Illinois | Permanent
For additional information on how we handle your data, see www.LRS.com/privacy
Responsibilities
Collaborate with developers and operations teams to anticipate security vulnerabilities, proactively assess and identify potential risks, develop mitigation strategies, and ensure that security measures are incorporated throughout the entire application development process
Lead application security reviews and threat modeling efforts, including code reviews, dynamic testing, penetration testing, hacker simulations, and reviewing applications against OWASP Top 10
Integrate security tools and processes into the DevOps pipeline to automate security checks and scans to identify and fix vulnerabilities early in the development process
Establish and maintain secure coding standards and best practices and provide guidance and training to development teams
Collaborate with development, DevOps, and IT teams to ensure that security measures are implemented in production environments
Help manage security incident response and recovery processes, including impact assessment, remediation, root cause analysis, and preventative measures
Define, develop, and present key application security metrics, identify critical issues proactively, and communicate them effectively to stakeholders
Ensure compliance with relevant security regulations and standards, especially those relevant to banking and finance
Stay current with the latest security threats, trends, and countermeasures to ensure that the organization's applications are always protected
Other duties as assigned
Requirements
Bachelor’s degree in computer science or a related field
4 years of experience executing application security testing methodologies (e.g., SAST, SCA, DAST, etc.)
Strong understanding of security frameworks, best practices, and common vulnerabilities (e.g., NIST, OWASP Top 10)
Experience with intrusion detection systems and vulnerability scanners
Experience integrating security tools and processes into the DevOps pipeline
Background in modern software development technologies (pref., MS .NET, C#, T-SQL, React, JavaScript, etc.)
Experience with most/all of the following: Cloud, Access Control, DevOps, and Containerization technologies (pref., Azure, including Entra External ID, cloud-native microservices, Kubernetes, and Docker)
Relevant certifications such as CISSP, CSSLP, OSCP, CEH, or Azure Security Engineer Associate a plus
Experience using AI tools to accelerate or improve software development processes and the risks of using generative AI or machine learning a plus
Ability to communicate effectively with both technical and non-technical stakeholders
Candidates must have permanent authorization to work in the USA for any employer
Corp to Corp candidates will not be considered
LRS is an equal opportunity employer. Applicants for employment will receive consideration without unlawful discrimination based on race, color, religion, creed, national origin, sex, age, disability, marital status, gender identity, domestic partner status, sexual orientation, genetic information, citizenship status or protected veteran status.
The projected salary for this position is $105,000 to $135,00 per year, depending on experience. Salary ranges are determined by role, level, and location. The range displayed on each job posting reflects the minimum and maximum target for new hires of this position across all US locations. Within the range, individual pay is determined by work location and additional factors, including job-related skills, experience, and relevant education or training.
#J-18808-Ljbffr
For additional information on how we handle your data, see www.LRS.com/privacy
Responsibilities
Collaborate with developers and operations teams to anticipate security vulnerabilities, proactively assess and identify potential risks, develop mitigation strategies, and ensure that security measures are incorporated throughout the entire application development process
Lead application security reviews and threat modeling efforts, including code reviews, dynamic testing, penetration testing, hacker simulations, and reviewing applications against OWASP Top 10
Integrate security tools and processes into the DevOps pipeline to automate security checks and scans to identify and fix vulnerabilities early in the development process
Establish and maintain secure coding standards and best practices and provide guidance and training to development teams
Collaborate with development, DevOps, and IT teams to ensure that security measures are implemented in production environments
Help manage security incident response and recovery processes, including impact assessment, remediation, root cause analysis, and preventative measures
Define, develop, and present key application security metrics, identify critical issues proactively, and communicate them effectively to stakeholders
Ensure compliance with relevant security regulations and standards, especially those relevant to banking and finance
Stay current with the latest security threats, trends, and countermeasures to ensure that the organization's applications are always protected
Other duties as assigned
Requirements
Bachelor’s degree in computer science or a related field
4 years of experience executing application security testing methodologies (e.g., SAST, SCA, DAST, etc.)
Strong understanding of security frameworks, best practices, and common vulnerabilities (e.g., NIST, OWASP Top 10)
Experience with intrusion detection systems and vulnerability scanners
Experience integrating security tools and processes into the DevOps pipeline
Background in modern software development technologies (pref., MS .NET, C#, T-SQL, React, JavaScript, etc.)
Experience with most/all of the following: Cloud, Access Control, DevOps, and Containerization technologies (pref., Azure, including Entra External ID, cloud-native microservices, Kubernetes, and Docker)
Relevant certifications such as CISSP, CSSLP, OSCP, CEH, or Azure Security Engineer Associate a plus
Experience using AI tools to accelerate or improve software development processes and the risks of using generative AI or machine learning a plus
Ability to communicate effectively with both technical and non-technical stakeholders
Candidates must have permanent authorization to work in the USA for any employer
Corp to Corp candidates will not be considered
LRS is an equal opportunity employer. Applicants for employment will receive consideration without unlawful discrimination based on race, color, religion, creed, national origin, sex, age, disability, marital status, gender identity, domestic partner status, sexual orientation, genetic information, citizenship status or protected veteran status.
The projected salary for this position is $105,000 to $135,00 per year, depending on experience. Salary ranges are determined by role, level, and location. The range displayed on each job posting reflects the minimum and maximum target for new hires of this position across all US locations. Within the range, individual pay is determined by work location and additional factors, including job-related skills, experience, and relevant education or training.
#J-18808-Ljbffr