Security Engineer - Application Security
- Title: Security Engineer - Application Security
- Location: Dallas, TX | Chicago, IL - Hybrid (3-days onsite) - NOT REMOTE!
- Compensation: $140,000 - $170,000 base salary range + bonus
- Work authorization: US Citizen or Green Card holders only - we are unable to sponsor any type of visa at this time.
Glocomms are partnered with a leading Financial Services firm in the search for a Senior/Lead Security Engineer with extensive expertise in Application Security, Network/WebApp Penetration Testing. This role is part of a collaborative security team working alongside IT and software development groups to enhance and maintain the security posture of enterprise applications and systems, as well as integrating security into the SDLC, automating security processes, and conducting assessments across both cloud and on-premises environments.
Key Responsibilities:
- Conduct security assessments for networks, applications, and web platforms.
- Develop and maintain automation scripts to streamline security operations.
- Identify, document, and communicate security vulnerabilities and risks.
- Support secure development practices across legacy and modern cloud-native environments.
- Build and refine security tooling (e.g., SAST, DAST, SCA, IaC).
- Integrate security tools into CI/CD pipelines and developer workflows.
- Design and implement a secure SDLC framework tailored to agile delivery models.
- Automate security checks to ensure continuous visibility and compliance.
- Establish threat modeling and secure design review processes.
- Address security concerns in supply chain, AI/ML, and open-source components.
- Analyze vulnerability reports and conduct risk assessments.
- Manage and operate both cloud-based and self-hosted security scanning tools.
- Facilitate code review sessions to reduce false positives and promote collaboration.
- Support the implementation and management of vulnerability tracking tools.
- Conduct independent security reviews of internal applications.
- Provide remediation guidance and debrief stakeholders on findings.
- Ensure alignment with industry standards, regulatory requirements, and internal policies.
- Review application releases to verify secure code deployment.
- Develop automation to assist teams in interpreting and remediating vulnerabilities.
FAQs
Congratulations, we understand that taking the time to apply is a big step. When you apply, your details go directly to the consultant who is sourcing talent. Due to demand, we may not get back to all applicants that have applied. However, we always keep your resume and details on file so when we see similar roles or see skillsets that drive growth in organizations, we will always reach out to discuss opportunities.
Yes. Even if this role isn’t a perfect match, applying allows us to understand your expertise and ambitions, ensuring you're on our radar for the right opportunity when it arises.
We also work in several ways, firstly we advertise our roles available on our site, however, often due to confidentiality we may not post all. We also work with clients who are more focused on skills and understanding what is required to future-proof their business.
That's why we recommend registering your resume so you can be considered for roles that have yet to be created.
Yes, we help with resume and interview preparation. From customized support on how to optimize your resume to interview preparation and compensation negotiations, we advocate for you throughout your next career move.