Skip to Main Content
← Back to Jobs

Application Security Engineer

Paul Murphy Associates Chicago ,IL
  • Expired: over a month ago. Applications are no longer accepted.
Job Description
Title: Application Security Engineer
Location: Chicago, IL (Loop - 60606)
Length: Full Time
Salary: Excellent
As the Application Security Engineer, your job is to take ownership and drive efforts to integrate security
into all aspects of software development. You’ll work closely with DevOps, Engineering, and Security
teams to solve problems, evolve processes, and improve our application security posture. We are
looking for someone with strong, hands-on engineering expertise who wants to take responsibility for
designing new ways of securing the software that supports trading of digital assets. Cryptocurrency is an
evolving and fast-moving area; the ability to remain nimble yet deliver robust and secure services to
clients is essential. Our ideal candidate is a creative and analytical problem solver with strong technical
troubleshooting skills and the ability to exercise mature judgment under pressure.
Key Responsibilities
● Lead application security testing efforts
● Lead bug intake and remediation process
● Lead the remediation of application vulnerability scanning and penetration testing
● Manage security integration into the SDLC process
● Support code reviews across all code platforms
● Help evolve application security functions and services
● Identify security exposures and develop mitigation plans
● Become a subject matter expert for application security solutions
● Own and document medium/large security-related epics and follow through until completion.
● Significant experience in application security technologies and processes within public cloud
environments (AWS, GCP, etc.) including monitoring and implementing OWASP web application
security best practices, API security, authentication mechanism, vulnerability and application
scanning, and web application scanning/firewalls (WAS/WAF).
● Experience with manual and automated software testing, fuzzing, static/dynamic code analysis,
and manual code reviews.
● Strong debugging skills. Ability to spot design flaws, race conditions, performance bottlenecks in
complex architectures and simple misconfigurations
● 4+ years of experience working directly in Application Security
● Significant development experience with modern programming languages (C++, Ruby,
Javascript, Python)
● Strong communication and collaboration skills
● Working knowledge of Linux
● Familiarity with technology/tools such as Kubernetes, Docker, Puppet, Jenkins, Ansible,
Terraform, etc.
● Demonstrated ability integrating security concepts into a DevOps Software Development
Lifecycle (SDLC), including for threat modeling and security architecture design/specification,
both at the full system level component levels
● Ability to demonstrate past experience making trade-offs between functional and usability
requirements with security requirements
● Familiarity with cryptography concepts (AES vs. RSA, PKI, TLS, etc.)
● Solid understanding of network protocols and security concepts

Paul Murphy Associates


Chicago, IL
60606 USA