Sr. Application Security Engineer

At Echo, we foster a culture that promotes continuous learning, innovation, and personal development. Apply today and grow with Echo!
The Security Engineering team is looking for a seasoned application security engineer to shape the practice of software security at Echo. As a Senior Application Security Engineer, you will be responsible for ensuring that our product stack remains secure, and collaborating across the organization to promote security best practices in all aspects of the SDLC.
Overview:
The Security Engineering team is looking for a seasoned application security engineer to shape the practice of software security at Echo. As a Senior Application Security Engineer, you will be responsible for ensuring that our product stack remains secure, and collaborating across the organization to promote security best practices in all aspects of the SDLC.
Job Responsibilities:

• Work with the security technology, and business leadership to implement an application security strategy.
• Create metrics to demonstrate the effectiveness of our application security program and drive continuous improvement initiatives.
• Partner with engineering and product leaders to help them prioritize security in their products as a part of their broader business goals
• Collaborate with peers to implement scalable application security program through a combination of standards and metrics
• Collaborate with platform engineering teams to incorporate security improvements as shared platform components
• Identify software security design and architectural risks, and develop mitigation plans
• Perform security assessments on native, managed, and interpreted software using static and dynamic analysis techniques, white-box, and black-box testing methods
• Develop and maintain security analysis tools in situationally appropriate languages (eg Python, C/C++, JavaScript)
• Participate in Incident Response and problem remediation
• Design, develop and deliver security training talks and courses for software engineers.
• Mentor software engineers on mitigating security vulnerabilities and threats in applications.
• Perform web, mobile, and desktop application penetration testing
• Participate in company level security compliance efforts
• Develop proof-of-concepts, triage security bugs, and notify the appropriate engineering teams
• Evangelize security standards and platform components, driving adoption across product engineering teams
• Learn departmental support procedures and participate in on-call rotation schedule

Requirements:

• Bachelor's Level Degree with 5-10 years of relevant working experience
• BS in Computer Science or equivalent experience
• Experience implementing security solutions at various company sizes and system complexity
• At least 3 years of experience in application-level vulnerability testing and auditing
• At least 2 years of experience working with development teams that have delivered software-based services, preferably in an Agile environment
• Knowledge of network and web related protocols such as TCP/IP, UDP, IPSEC, HTTP, HTTPS, SSH, and TLS
• Knowledge of system security vulnerabilities and remediation techniques
• Experience with encryption technologies and authentication processes including but not limited to OAuth, SSL/TLS, WPA2, JWE, and BLE encryption
• Experience with security testing tools such as Burp Suite, OWASP, and Zap
• Experience integrating automated security analysis tools into the SDL
• Prefer at least 3 years of system, network and/or application security experience
• Professional development experience using at least one major programming language such as C, C++, Java, C#, and/or Python preferred
• Experience with service-oriented architecture and web services security, the application of threat modeling or other risk identification techniques, and binary reverse-engineering using tools such as IDA Pro, radare2, OllyDbg, and hex editors is also preferred

Echo Global Logistics is a leading provider of technology-enabled solutions and supply chain management. We utilize technology to simplify transportation management for our clients and carriers by handling the critical tasks on their behalf so they can focus on what they do best. From coast to coast, dock to dock, and across all major transportation modes, Echo connects businesses that ship their product with carriers who transport those goods quickly, securely, and cost-effectively.
Echo Global Logistics has recently been ranked in Crain's Business as a Top 25 Tech Employer in Chicago along with other recognitions as the top 3PL provider. We are looking for incredible people to join our team and help carry out our mission of providing our clients with best in class service and technology!
Work environment/physical demands summary:
This job operates in an office environment and uses a computer, telephone and other office equipment as needed to perform duties. The noise level in the work environment is typical of that of an office with an open seating floor plan. The employee may encounter frequent interruptions throughout the work day. The employee is regularly required to sit, talk, or hear.
All qualified applicants will receive consideration for employment without regard to age, race, color, religion, sex, sexual orientation, gender identity, national origin, status as a qualified individual with a disability, or Vietnam era or other protected veteran.
#LI-SE1
#Remote