Senior Application Security Engineer - Chicago or US remote
LogicGate is a venture-backed, Chicago-based technology company that needs YOU to help us as we continue to disrupt the wide world of GRC (governance, risk and compliance). At LogicGate, you’ll join a group of bright, welcoming people ready to learn, grow, and do the right thing for our customers.
We are seeking our first(!) Senior Application Security Engineer to join our Information Security team and drive our platform, LogicGate Risk Cloud, to the next level. Our flexible software presents a unique security opportunity to work with a platform that presents endless potential configurations to evaluate, test, and secure. You will evaluate and build off of our existing application security foundation, and work closely with Engineering and DevOps counterparts to prioritize potential threat vectors for new or existing features and drive security from design to production. Our customers, ranging from small to enterprise businesses, look to our platform to have top-notch security and you will take the lead when it comes to ensuring we’re meeting and exceeding industry best practices. You’ll report directly to our VP of InfoSec & IT, joining a small but mighty InfoSec team.
What you’d achieve:
- Establish and drive the decision-making for platform and application security architecture design and implement solutions to complex engineering and security problems.
- Mature LogicGate’s threat modeling framework and threat vector identification across the Engineering and DevOps for a train-the-trainer approach to democratize threat prioritization in platform features.
- Drive the use of security scanning tools to analyze the platform and infrastructure, then prioritize resolutions based on the potential impact.
- Lead LogicGate’s Bug Bounty and external platform penetration testing efforts to bring fresh, experienced eyes to identify threats.
- Partner with developers to design meaningful security units and functional tests to execute in our CI/CD pipeline to ensure that prior issues stay remediated.
- Join forces with your fellow teammates and the larger security community to maintain and improve security tools that align and facilitate modern software engineering practices.
The value you’d add:
- 4-6 years of experience as a security engineer, member of a red team, or security researcher.
- You are very familiar with threat modeling, preferably for customer-facing products, to help facilitate engineering prioritization around threats to a platform.
- You are a clear communicator and excited to participate in deep technical discussions
- You are a builder as much as you are a breaker. You are able to drive new projects or processes to help remediate the problems you identify.
- You have the drive to learn new technologies and continuously evaluate them for security implications
- You are adept at writing with a passion for sharing research and presenting to the technical community.
What we use to drive and manage our Risk Cloud platform:
- Back: Spring Boot, Java, Kotlin
- Front: TypeScript, Angular, Webpack, Sass
- Data: Neo4j, Redis, RabbitMQ
- Test: JUnit, Jasmine, Karma, Protractor, Selenium
- Ops: AWS, Ansible, Terraform, Hashicorp, HAProxy, Docker
- Work: Jira, Slack, Gitlab, G Suite
We are currently working on becoming compliant with new regulations in Colorado. Until we are able to do so, this role cannot be performed in Colorado.
What we have to offer:
- Work Environment
- Regular cadence of communication organization wide like monthly All Hands meetings.
- Highly collaborative, cross functional environment leveraging all the right tools no matter your location.
- Commitment to the growth of our employees through various frameworks including an Emerging Leaders Program.
- Social activities (yes, even remotely!) where we can come together and celebrate all that we’ve accomplished like an amazing anniversary party or talent show!
- Time Off; 33 business days in first year of employment
- 16 Days PTO
- 9 Company Holidays (Memorial Day, Juneteenth, Thanksgiving, etc.) PLUS two floating holidays annually
- 6 Health Days (Mental & Physical)
- Equitable Parental Leave Policy
- Blue Cross Blue Shield for Medical, Dental and Vision
- LogicGate covers 80% of employee premiums
- 401(k) Match Program
- Flex Rewards
- Monthly funds on Benepass debit card to be leveraged by the employee (cell phone, streaming services, child care, dog walker)
- Partial ownership of company through stock options
Here are just a few things we’ve been up to recently:
- We’ve secured $156M in total funding to help us continue our mission
- We earned our placement as the #1 GRC Solution on the G2 Grid - an honor we’ve received many times over!
- We were included on Built-In Chicago's list of Best Small Companies to Work For in 2020, Crain's Chicago Business 2021 Best Places to Work, and Chicago Tribune Top Workplaces 2020!
LogicGate is continuing to hire with all interviewing and on-boarding done virtually due to COVID-19. All new and existing LogicGate employees will continue to work from home until it’s safe to return to our offices. When our offices reopen, we will provide the choice to work from home or return to work in an office unless a job requirement makes it necessary for a particular role to be performed at a LogicGate office.