Application Security Engineer
Chicago
Tempus
Tempus has built the world’s largest library of clinical & molecular data and an operating system to make that data accessible and useful, starting with cancer.Passionate about precision medicine and advancing the healthcare industry?
Recent advancements in underlying technology have finally made it possible for AI to impact clinical care in a meaningful way. Tempus' proprietary platform connects an entire ecosystem of real-world evidence to deliver real-time, actionable insights to physicians, providing critical information about the right treatments for the right patients, at the right time.
About the role:
An application security engineer ensures that every step of the software development lifecycle (SDLC) follows security best practices. They are also responsible for adhering to secure coding principles and aid in testing the application against security risks/parameters before release.
Responsibilities:
- Conduct penetration tests on web applications, mobile applications, and internal systems to identify security vulnerabilities and risks.
- Develop and execute test plans, scenarios, scripts, or procedures.
- Document findings and work with development teams to remediate identified issues.
- Stay up-to-date with the latest testing and ethical hacking methods.
- Assist in the development and maintenance of application security policies, standards, and guidelines.
- Work with security and IT teams to enhance the overall security posture of the organization.
- Provide security training and awareness to development teams.
- Participate in the design and review of new technologies and major changes to existing technologies from a security perspective.
Qualifications:
- Bachelor's degree in Computer Science, Information Security, or a related field, or equivalent work experience.
- Relevant certifications such as OSCP, GPEN, or similar are highly desirable.
- Proven experience in penetration testing.
- Strong understanding of security principles, techniques, and technologies such as OWASP Top 10, SANS Top 25, etc.
- Experience with a variety of security tools and products (e.g., Burp Suite, Snyk, GitHub Advanced Security).
- Familiarity with programming/scripting languages such as Python and/or JavaScript/TypeScript.
- Excellent problem-solving and analytical skills.
- Strong communication and interpersonal skills.
#LI-SH1 #LI-Hybrid #LI-Onsite
We are an equal opportunity employer. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.
Additionally, for remote roles open to individuals in unincorporated Los Angeles – including remote roles- Tempus reasonably believes that criminal history may have a direct, adverse and negative relationship on the following job duties, potentially resulting in the withdrawal of the conditional offer of employment: engaging positively with customers and other employees; accessing confidential information, including intellectual property, trade secrets, and protected health information; and appropriately handling such information in accordance with legal and ethical standards. Qualified applicants with arrest or conviction records will be considered for employment in accordance with applicable law, including the Los Angeles County Fair Chance Ordinance for Employers and the California Fair Chance Act.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Application security Burp Suite Computer Science Ethical hacking GitHub GPEN JavaScript OSCP OWASP Pentesting Python SANS Scripting SDLC TypeScript Vulnerabilities
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.