at PAUL HASTINGS LLP in Chicago, Illinois, United States
Job Description
Paul Hastings is a leading international law firm that provides innovative legal solutions to many of the world's top financial institutions and Fortune Global 500 companies. With a strong presence throughout Asia, Europe, Latin America, and the U.S., we have the global reach and extensive capabilities to provide personalized service wherever our clients' needs take us. As one of the world's leading law firms, we seek dynamic individuals who share our commitment to service, innovation, and professional growth.
We have an opening for a Senior Application Security Engineer in our Information Security Department.
The Senior Application Security Engineer will serve as subject matter expert integrating secure design for applications and services within the system development lifecycle. This position collaborates with business units, project management, and engineering teams to deliver secure solutions. Qualified candidates will have a background in cybersecurity or systems engineering.
In this capacity, the Senior Application Security Engineer will:
Perform security architecture and design reviews of applications and services;
Integrate security tasks and activities into system development methodologies (e.g. planning, design, implementation, operations, maintenance, and disposal); and
Perform validation of security controls to ensure consistency with industry standard methodologies.
In addition, the Senior Application Security Engineer will be expected to have experience with the following areas of responsibility:
Partner with engineering on development, implementation, and monitoring of security controls for the protection of applications, services and highly sensitive data;
Perform vendor technical solution acceptance verification and validation;
Develop technical solutions and new security tools to help mitigate security vulnerabilities and automate repeatable tasks;
Assess gaps in existing policy and propose amendments to existing policy or new policy to address these gaps;
Write comprehensive reports including assessment-based findings, outcomes and propositions for further system security enhancement;
Building threat models for enterprise applications to identify attack vectors and threats;
Collaborate with engineers, consultants and leadership to address security risks and provide mitigation recommendations within SDLC; and
Provides guidance and support to self-testing, security control assessment, preparation of remediation plans, and development of continuous monitoring plans.
Proficiencies:
Strong communication skills with ability to articulate and translate security and risk management terminology in business terms;
Familiarity with project management methodologies.
Thorough understanding of the latest security principles, techniques, and protocols;
Detailed technical knowledge of cloud security and one or more of the following:application security, mobile security, and secure development methodologies;
Hands on experience with security systems, including vulnerability management, identity and access management, security risk assessments, application testing, SAST/DAST, etc.; and
Strong proven experience providing secure design guidance for diverse applications.
Qualifications:
Have minimum of 12 years' application design experience (preferred);
At least 5 years of information technology implementation or application quality assurance testing (required); and
BS degree in Computer Science or related field (preferred).
Employees will be provided with an excellent career opportunity in a collaborative environment, in addition to a generous total compensation package with the opportunity to earn bonuses based on individual contribution and firm profitability.
Eligible employees can participate in the Firm's comprehensive benefits program, which include the following:
Medical, Dental, Vision, Life/AD&D, Long Term Care, and Short and Long Term Disability
Flexible Spending Account and Health Savings Account
Healthcare Concierge and Advocacy
Voluntary 401k Plan and Profit Sharing
10 Paid Holidays per year and a generous PTO program
Family Support including Pediatric Mental Health and Parental Support, Paid Parental Leave, Fertility Benefits, and Breast Milk Shipping
Back-up Child Care, Elder Care, and Tutoring
Wellness Programs (Employee Assistance Program, Mental Health, and Well-Being Events)
Retirement Plan Consulting
Anniversary Bonus Program
Professional Development Programs
Transportation Allowance and Commuter Benefits
International Travel Insurance
Auto/Home/Legal Insurance
Pet Insurance
Employee discounts
And more!
The Firm has a range of diversity initiatives including our Paul Hastings Affinity Networks (PHANs), Women's Initiative, and PH Balanced. These initiatives provide a... For full info follow application link.
Paul Hastings LLP is an equal employment and affirmative action employer F/M/Disability/Vet/Sexual Orientation/Gender Identity.
