Oh Snap!
This job is no longer active - but you can still view the details below.

Application Security Engineer

Chicago

About The Role

The application security engineer will be responsible for maintaining the security of all Yello web and mobile applications. They'll use a variety of tools and strategies to detect and mitigate or remediate vulnerabilities. The application security engineer will collaborate closely with Engineering to incorporate security into all phases of the SDLC.

How You'll Make An Impact

You will play a critical role on a small team of talented engineers focused on securing our cloud-based, cutting-edge solutions for our client-partners. 

Application Security Engineer Responsibilities:

  • Integrate security tools, processes, policies, and standards into the product/application development lifecycle.
  • Maintain and ensure compliance with internal application security policies and standards.
  • Perform and manage developer security trainings upon hire and annually.
  • Manage internal and external penetration testing (act as a subject matter expert).
  • Manage application framework and perimeter security improvement projects.
  • Provide security requirements for test-driven design.
  • Provide metrics that report the state of application security programs and performance.
  • Work with Engineering teams to promote a DevSecOps culture. 

Specific Responsibilities (Controls and Processes):

  • Conduct manual security code reviews
  • Perform static and dynamic application security testing using manual/automated tools.
  • Lead application assessments (external/internal).
  • Perform infrastructure security monitoring in partnership with the Infrastructure team.
  • Communicate application security policies and standards to engineers and product managers.
  • Collaborate with Product leads and engineering leads to ensure new features meet security requirements
  • Identify application security gaps in relation to various compliance frameworks or client requirements.
  • Own internal tools development and maintenance.
  • Remediate identified vulnerabilities in Yello applications. 
  • Work with Information Security Officer on Risk Acceptance 

What We're Looking For

  • Computer Science or related degree or equivalent experience.
  • 4+ years of professional application security experience 
  • Proficient in programming (Ruby on Rails preferred)
  • Familiar with OWASP Top 10/SANS-25
  • Familiar with testing tools (Burp, ZAP, etc.)
  • Outstanding written and verbal communication skills
  • Experience with Threat Modeling (STRIDE)

Additional Information

We are the trailblazers in our space and we continually strive to learn and grow, but there is always time to celebrate a colleague's birthday or a recent success. We dress casually, have one of the best views in the city and the whole team sports Apple laptops. Our CEO Jason Weingarten and President Dan Bartfield always have their office doors open. And with opportunities for professional advancement, medical, dental and vision insurance, and a 401K match – Yello has you covered.

  • Yello is an Equal Opportunity Employer. All applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status, or disability status.
  • Candidates local to Chicago are preferred.
  • You must be authorized to work in the United States.
  • Must be able to sit or stand for continuous periods of time.
  • This role frequently communicates/interacts with individuals and requires strong written and oral communication skills.
  • Yello reserves the right to assign or reassign the responsibilities and requirements to this job at any time.

Technology we use

  • JavaScript (Languages)
  • Ruby (Languages)
  • SQL (Languages)
  • Swift (Languages)
  • React (Libraries)
  • Redux (Libraries)
  • Ruby on Rails (Frameworks)
  • MySQL (Databases)
  • PostgreSQL (Databases)
  • Redis (Databases)
  • Elasticsearch (Databases)
  • Google Analytics (Analytics)
  • Mixpanel (Analytics)
  • Figma (Design)
  • Aha! (Management)
  • Confluence (Management)
  • JIRA (Management)
  • Wrike (Management)
  • WordPress (CMS)
  • Salesforce (CRM)
  • Marketo (Lead Gen)

Location

We're located in the Loop, a block from the Art Institute and Millennium Park. Our office offers panoramic 360 degree views of Chicago.

What are Yello Perks + Benefits

Yello Benefits Overview

Health
Wellness
Financial
Giving
We've got you covered!

Culture

  • Volunteer in local community
  • Partners with Nonprofits
  • Eat lunch together
  • Intracompany committees: Yello has a number of committees and groups including the Flair committee as well as [email protected] and [email protected] (to name a few).
  • Open door policy
  • Open office floor plan

Health Insurance & Wellness Benefits

  • Flexible Spending Account (FSA)
  • Disability Insurance: Company sponsored short-term disability insurance covers 100% of annual salary for up to 13 weeks.
  • Dental Benefits
  • Vision Benefits
  • Health Insurance Benefits
  • Life Insurance: Company sponsored life insurance is equal to 1 times an employee's annual salary.
  • Wellness Programs

Retirement & Stock Options Benefits

  • 401(K)
  • 401(K) Matching: Yello provides employees with a 401(k) matching plan managed by John Hancock. We match 3% of contributions with a 4-year vesting schedule.
  • Company Equity: Yello offers equity to employees at their 1 year anniversary.
  • Performance Bonus: Yello's performance bonus is an annual bonus of up to 10% of an employee's base salary. Payout is based on company and individual performance.
  • Match charitable contributions: While we don't match yet, we value giving back to causes that create a positive social impact. Through Percent Pledge, we help employees seamlessly give monthly to their favorite causes.

Child Care & Parental Leave Benefits

  • Flexible Work Schedule
  • Family Medical Leave

Vacation & Time Off Benefits

  • Unlimited Vacation Policy
  • Generous PTO
  • Paid Holidays
  • Paid Sick Days

Perks & Discounts

  • Beer on Tap
  • Casual Dress
  • Commuter Benefits
  • Company Outings
  • Stocked Kitchen
  • Some Meals Provided
  • Happy Hours
  • Recreational Clubs
  • Fitness Subsidies

Professional Development Benefits

  • Job Training & Conferences: Yello offers employees professional development opportunities like the ability to attend job-related conferences and seminars.
  • Tuition Reimbursement
  • Lunch and learns: Yello hosts lunch and learn meetings twice per month.
  • Cross functional training encouraged
  • Promote from within
  • Time allotted for learning: Yello has a 'Learning Day' every 2 weeks on Friday to allow employees to set aside half a day for learning of any kind.

Additional Perks + Benefits

  • Yello sponsors office sports leagues and offers discounted memberships to Chicago Athletic Clubs.
  • Yello is dedicated to supporting career progression through professional development opportunities, mentorship and continued education.
  • Yello offers the benefit of a student loan repayment plan and a 529 plan through BenefitEd with an annual company match to help you or your family continue your financial health.
  • Yello offers healthy catered lunches each week and 2 fully stocked kitchens with fresh fruit and snacks to keep you nourished.
