First Stop Health
We deliver care that people love. Members can talk with doctors or counselors 24/7 via app, website or phone.
Application Security Engineer
Application EngineerApplication EngineerFull TimeRemoteTeam 51-200Since 2011H1B No SponsorCompany SiteLinkedIn
Location
Illinois
Posted
15 days ago
Salary
Not specified
Bachelor Degree5 yrs expEnglishAWSAzureCloudFirewallsGoogle Cloud PlatformSDLC
Job Description
• Responsible for designing, implementing, and maintaining application security practices across the organization
• Partner closely with engineering, DevOps, and the broader Information Security team
• Embed security into the software development lifecycle (SDLC)
• Ensure applications are resilient against evolving threats
• Apply deep knowledge of application security architecture and design principles
• Review application architectures to identify security risks and recommend appropriate controls and mitigation strategies
• Design and implement secure coding standards, guidelines, and patterns aligned with industry best practices
• Lead and support the implementation of a secure SDLC
• Ensure security requirements are consistently applied across cloud, web, mobile, and API-based applications
• Perform and facilitate threat modeling exercises with development teams
• Conduct risk assessments and provide actionable guidance to reduce application-level security risk
• Lead application security assessments, including static and dynamic analysis, architecture reviews, and manual testing
• Perform and oversee code reviews to identify security vulnerabilities and design flaws
• Serve as a trusted security advisor to development teams
• Develop and deliver security training and awareness content for developers and technical stakeholders
• Monitor relevant threat intelligence sources related to application and software supply chain risks
Job Requirements
- Preferred Bachelor’s degree or equivalent practical experience
- Preferred Security+, Certified Application Security Engineer (CASE), Certified Secure Software Engineer Lifecycle Professional (CSSLP), etc.
- 5 - 8 years in information security, IT, or related technical roles
- Strong understanding of application security architecture, design principles, and secure coding practices
- Experience securing CI/CD pipelines and DevOps workflows
- In-depth knowledge of security best practices and industry standards (e.g., OWASP Top 10, CWE, NIST, ISO-aligned controls)
- Experience implementing and operating a secure SDLC in modern development environments
- Ability to conduct complex security assessments, including manual code reviews and architecture analysis
- Experience leading security assessments and penetration testing engagements
- Working knowledge of threat modeling methodologies and risk assessment techniques
- Strong knowledge of security principles and technologies (e.g., encryption, authentication, firewalls, IDS/IPS, incident response, EDR, etc.)
- Hands-on experience with SAST, DAST, SCA technologies such as Snyk, GitHub Advanced Security, etc.
- Familiarity with cloud platforms (AWS, Azure, or GCP) and associated security features and configurations
- Understanding regulatory standards (GDPR, HIPAA, PCI-DSS, ISO 27001) and how they impact operations
- Strong analytical and problem-solving skills; able to identify risks and propose effective mitigations
- Excellent communication and collaboration skills
Benefits
- health and medical coverage options
- dental and vision coverage
- disability and life coverage
- medical waiver allowance
- remote-first work environment
- flexible paid time off, including Summer Fridays
- employer match 401k plan
- monthly phone stipend
- First Stop Health membership benefit
Related Guides
Related Categories
Related Job Pages
More Application Engineer Jobs
Application Engineer15 days ago
Full TimeRemote
We are looking for a Sr. Full Stack Application Security Engineer with deep expertise in mobile application security to join our Product Security team. This role is hands-on and impact driven. You will work directly with mobile, backend, and platform engineering teams to identify...
United States
Application Engineer16 days ago
Full TimeRemoteTeam 201-500Since 2022
Application Security Engineer building secure systems at Perplexity
CloudJavaJavaScriptPythonGo
Application Engineer16 days ago
Full TimeRemoteTeam 501-1,000Since 2011H1B Sponsor
The Senior Field Application Specialist trains customers on SOPHiA GENETICS solutions, supports customer needs, and collaborates with teams to gather feedback for ongoing product improvements. This role involves significant travel to client sites for trainings and hands-on support.
Liquid Handling RobotsNgs
Application Engineer16 days ago
Full TimeRemoteTeam 11-50H1B Sponsor
Application Engineer developing and deploying mobile applications for Salesforce-centric environments
AWSCloudGraphQLJavaScriptReactReact NativeTypeScript
