This job is no longer active - but you can still view the details below.

Application Security Engineer

Chicago

About The Role

The application security engineer will be responsible for maintaining the security of all Yello web and mobile applications. They’ll use a variety of tools and strategies to detect and mitigate/remediate vulnerabilities. The application security engineer will collaborate closely with Engineering to incorporate security into all phases of the SDLC.

How You'll Make An Impact

You will play a critical role on a small team of talented engineers focused on securing our cloud-based, cutting-edge solutions for our client-partners. 

Application Security Engineer Responsibilities:

  • Integrate security tools, processes, policies, and standards into the product/application development lifecycle.
  • Maintain and ensure compliance with internal application security policies and standards.
  • Perform and manage developer security trainings upon hire and annually.
  • Manage internal and external penetration testing (act as a subject matter expert).
  • Manage application framework and perimeter security improvement projects.
  • Provide security requirements for test-driven design.
  • Provide metrics that report the state of application security programs and performance.
  • Work with Engineering teams to promote a DevSecOps culture. 

Specific Responsibilities (Controls and Processes):

  • Conduct manual security code reviews
  • Perform static and dynamic application security testing using manual/automated tools.
  • Lead application assessments (external/internal).
  • Perform infrastructure security monitoring in partnership with the Infrastructure team.
  • Communicate application security policies and standards to engineers and product managers.
  • Collaborate with Product leads and engineering leads to ensure new features meet security requirements
  • Identify application security gaps in relation to various compliance frameworks or client requirements.
  • Own internal tools development and maintenance.
  • Remediate identified vulnerabilities in Yello applications. 
  • Work with Information Security Officer on Risk Acceptance 

What We're Looking For

  • Computer Science or related degree or equivalent experience.
  • 4+ years of professional application security experience 
  • Proficient in programming (Ruby on Rails preferred)
  • Familiar with OWASP Top 10/SANS-25
  • Familiar with testing tools (Burp, ZAP, etc.)
  • Outstanding written and verbal communication skills
  • Experience with Threat Modeling (STRIDE)

Additional Information

We are the trailblazers in our space and we continually strive to learn and grow, but there is always time to celebrate a colleague's birthday or a recent success. We dress casually, have one of the best views in the city and the whole team sports Apple laptops. Our CEO Jason Weingarten and President Dan Bartfield always have their office doors open. And with opportunities for professional advancement, medical, dental and vision insurance, and a 401K match – Yello has you covered.

  • Yello is an Equal Opportunity Employer. All applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status, or disability status.
  • Candidates local to Chicago are preferred.
  • You must be authorized to work in the United States.
  • Must be able to sit or stand for continuous periods of time.
  • This role frequently communicates/interacts with individuals; must have strong written and oral communication skills.
  • Yello reserves the right to assign or reassign the responsibilities and requirements to this job at any time.

Technology we use

  • Engineering
    • Languages: JavaScript, Ruby, SQL, Swift
    • Libraries: React, Redux
    • Frameworks: Ruby on Rails
    • Databases: MySQL


We're located in the Loop, a block from the Art Institute and Millennium Park. Our office offers panoramic 360 degree views of Chicago.

What are Yello Perks + Benefits

  • Health Insurance & Wellness Benefits
    • Flexible Spending Account (FSA)
    • Disability Insurance
    • Dental Benefits
    • Vision Benefits
    • Health Insurance Benefits
    • Life Insurance
    • Wellness Programs
  • Retirement & Stock Options Benefits
    • 401(K) Matching
    • Performance Bonus
  • Child Care & Parental Leave Benefits
    • Flexible Work Schedule
    • Family Medical Leave
  • Vacation & Time Off Benefits
    • Unlimited Vacation Policy
    • Generous PTO
    • Paid Volunteer Time
    • Paid Holidays
    • Paid Sick Days
  • Perks & Discounts
    • Beer on Tap
    • Casual Dress
    • Commuter Benefits
    • Company Outings
    • Stocked Kitchen
    • Some Meals Provided
    • Happy Hours
    • Recreational Clubs
    • Fitness Subsidies
  • Professional Development Benefits
    • Tuition Reimbursement

Additional Perks + Benefits

  • Yello sponsors office sports leagues and offers discounted memberships to Chicago Athletic Clubs.
  • Yello is dedicated to supporting career progression through professional development opportunities, mentorship and continued education.
  • Yello offers healthy catered lunches each week and a fully stocked kitchen with fresh fruit and snacks.
