Senior Application Security Engineer at Rocketmiles
Rocket Travel, Inc., a subsidiary of Booking Holdings, is looking for an Senior Application Security Engineer who enjoys security work and possesses both deep and wide expertise in systems and application security in our West Loop, Chicago office.
At Rocket, we encourage experimentation. We hire people who know how to pick the right tool for the job and learn along the way.
You will be involved in planning and implementing security measures to monitor and protect sensitive data and systems from infiltration and cyber-attacks.
You will be helping our team pursue challenges including:
- Testing for system vulnerabilities and doing periodic penetration testing
- Being responsible for quarterly security audits
- Planning and implementing standard operating procedures and protocols for data and infrastructure security
- Developing technical solutions and new security tools to help mitigate security vulnerabilities and automate repeatable tasks
- Managing our bug bounty program
- Performing application security design reviews against new products and services
- Tracking and prioritizing all security issues
- Building internal security tools that help fix security problems at scale
- Playing a lead role in developing and designing application-level security controls and standards for our SaaS rollouts
- Performing application security review and drive remediation of discovered issues
- Enabling automated security testing at scale to measure vulnerability, and report on risk across all the web and mobile platforms
- Proven work experience as a system security engineer or information security engineer
- Experience in building and maintaining security systems
- Experience implementing access control policies
- Experience with network security and networking technologies and with system, security, and network monitoring tools
- Thorough understanding of the latest security principles, techniques, and protocols
- A deep understanding of the NIST cybersecurity framework
- in-depth knowledge of common web application vulnerabilities (i.e. OWASP Top 10).
- An analytical mind for problem solving, abstract thought, and offensive security tactics.
- Ability to articulate complex issues to executives and customers.
- BS degree in Computer Science or a related field
- You are authorized to accept employment in the US from any employer.
- You are available to start within three weeks of accepting an offer, and are willing to work from our Chicago office.
- Collaborating closely with experienced business, design, and technology teammates.
- Working with intrinsically motivated folks with a track record for delivering great products.
- Receiving a competitive compensation package, including bonus, health/dental insurance, and 401k matching.
- Choosing your own computer/gear.
- Receiving a monthly cell phone stipend.
- Enjoying unlimited vacation, with free travel credits.
- Flexible teams that allow you to work remotely for those days when life needs you elsewhere.
- Learning at monthly engineering lunch-and-learns for professional development.
- Enjoying free snacks, drinks, and coffee at our Chicago office in the West Loop.
We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.
No recruiters, please.