Application Security Engineer

Chicago, IL /
Chicago Headquarters – Security /
At Amount we have a thriving culture and possess a truly entrepreneurial spirit. We value innovation and individual voices, we are committed to active inclusion and diversity, and we support each other's growth. Most importantly, we’re always ready to hustle!

Amount is seeking a Senior Application Security Engineer. The right candidate for the role would be a part of the Application Security team with the objective to serve as an application security consultant to the Engineering teams. Core responsibilities include collaborating with the Engineering, DevOps and other Information Security teams to engineer a secure solution for the organization.

If you’re ready to thrive in a fast-paced environment, come join an organization with visionary leadership and FinTech disruptors.  With your help, we will continue to reinvent banking by helping our Amount platform partners innovate and digitize their banking products and services!

What you'll work on:

    • Lead design security reviews for cloud, infrastructure and applications
    • Help guide engineering teams in the design phase and define security requirements for product features
    • Serve as a technical and business-savvy resource to software development engineering personnel on a range of secure software design issues, including IAM
    • Maintain and distribute industry practices for secure software development
    • Lead application security evaluations with an emphasis on security, reliability, information assurance
    • Provide high quality, comprehensive and accurate reports to assess, document, and communicate results of application evaluations
    • Liaise with application owners to report, monitor, and remediate risks
    • Embed into engineering teams to facilitate rapid response from Security for security compliance validation

Who you are:

    • 3+ years’ of relevant experience related to IT Security to include at least 1+ years’ secure coding or serving an application security role in a production environment
    • Very strong knowledge of application security threats and proficient in Web application security knowledge like OWASP 10 and SANS 25
    • Strong software development concepts and secure web application development skills
    • Familiarity with relevant application security testing tools such as Contrast, Burp, and OWASP ZAP
    • Hands on experience in SAST, DAST, WAF etc is a plus
    • Familiarity with Systems Lifecycle Development (SDLC) best practices
    • Knowledge with Scrum/Agile software development is a plus
    • Knowledge of public cloud environments and technologies, including Amazon Web Services (AWS) or other
    • Experience in DevOps environments and automating security controls into the CI/CD process is a plus
    • Experience with or knowledge of Jenkins or other CI tools
    • Development experience in Python, Java, JavaScript, or Ruby
    • Possesses knowledge of IT risk management concepts and applies them effectively when coding security solutions
    • Demonstrated excellence in providing superb customer service
    • Great communication skills (written, verbal, and listening)
    • Bachelor’s degree preferred; focus in computer science or a related technical field preferred
    • Relevant certification a plus (GIAC, GWAPT, CEH, OSCP/OSCE/OSWE)
About Us

Amount delivers the technology that financial institutions need to build and enhance the digital experience.

Built by digital lending industry veterans, Amount helps partners go digital in months—not years. Amount empowers multi-product omnichannel retail banking experiences and a robust point-of-sale financing suite underpinned by core platform features including fraud prevention, verification, decisioning engines and account management.

Amount partners can optimize performance across product categories by tapping into various service offerings including customer acquisition, funnel and performance assessments, and risk analytics.

Our values:

Optimistic: We believe technology has the power to improve the financial lives of everyone. 
Teamwork: We make the best technology work for our clients by working together. 
Risk Aware: We understand the impacts of each and every decision we make in our high risk industry. 
Integrity: We work honestly and undivided in our commitment to make more possible. 
Eager: We are self-starters, fully engaged and committed to pushing great ideas forward quickly and responsibly.
Respectful: We honor diversity, value inclusion, and create an environment of belonging for people of all backgrounds. 
Committed: We are dedicated to the highest standard for our partners, their customers, and our people. 
Curious: We seek to understand the core of each problem, enabling us to find the right solution. 

Benefits and Perks:

In light of COVID-19, we have transitioned to working fully remote, within the United States, temporarily.  We will continue to work remote in accordance with the CDC and local health authorities' recommendations.  Please consider that this position will not be remote long-term and our expectation is that this individual will join us in our Chicago or LA office when it is safe to do so. Note: International work is not permitted at this time.

Enjoy each other's company over virtual happy hours, yoga and meditation sessions, lunch and learns, team demo days, game nights, and more!
Take the time you need when you need it through our Flexible PTO policy.
Save $$ on taxes by using our commuter and transit benefits! We also have a bike storage room available onsite.
Take advantage of our comprehensive benefits package including medical, dental, vision coverage, 401(k), parental leave, HSA match, and an Employee Assistance Program.
Interested in having a stake in Amount? We offer a meaningful equity program.
Have a pet? Then, we're paws-itively certain you're going to love our My Pet Protection plans.
Short-term disability, long-term disability, and life insurance are options too!