Principal Application Security Engineer

Our client is seeking a Principal Application Security Engineer to join their team. The Principal Application Security Engineer will be responsible for defining and driving the application security strategy across the organization. This role ensures secure design and development practices are embedded within the software development lifecycle (SDLC) and DevSecOps pipelines. The architect will lead efforts to implement security tooling, establish reporting frameworks, and collaborate with developers, infrastructure teams, vendors, and security stakeholders to maintain a robust application security posture.

Duties and Responsibilities:

• To perform this job successfully, an individual must be able to perform each duty satisfactorily. Other ancillary duties may be assigned.
• Lead the design and implementation of application security architecture and engineering across enterprise applications, partnering with software development, infrastructure, and platform teams to secure cloud-native and on-prem environments.
• Embed security controls and best practices into CI/CD pipelines and DevSecOps workflows, driving adoption of secure coding standards and threat modeling across engineering teams.
• Evaluate, implement, and operate application security tooling (e.g., SAST, DAST, IAST, container security and related capabilities), ensuring solutions are effective, scalable, and well-integrated.
• Define, develop, and maintain application security metrics, reporting, and dashboards to provide visibility to leadership and key stakeholders.
• Engage and collaborate with third-party vendors to assess and validate the security capabilities of applications and services.
• Provide guidance and mentorship on application security standards, risk management, and compliance requirements to elevate security maturity across teams.
• Participate in occasional off-hours support as needed to support troubleshooting or emerging threats.
• Provides day-to-day management for the Information Protection function, responsible for security technologies utilized to protect data and networks.
• Participates in Information Security Office leadership team to drive innovative security solutions, and collaboration with other IT and global functions.
• Responsible for managing the work environment, identifying workforce needs and ensuring performance against expectations, values and vision.
• Manages security audit and intrusion detection system logs for system and network anomalies and provides highest level analysis.
• Responds to unique, highly complicated, suspicious or malicious events detected through collection or reported by Help Desk or users.
• Provides technically advanced remediation and application event support to IT operations and engineering teams
• Performs initial computer system forensic investigations and supports fraud investigations.
• Provides top level analysis, design and support for log collection of firewalls, routers, networks and operating systems.
• Communicates technical and event assessment results, evaluates engineering and integration initiatives and provides technical expertise to assess security policies, standards and guidelines.
• Develops, collects and analyzes logs from firewalls, intrusion detection systems, enterprise anti-virus systems and software deployment tools.
• Reviews and recommends the installation, modification or replacement of hardware or software components
• Identifies and addresses any configuration change(s) that impact event collection.

Supervisory Responsibilities:

• Will coach and mentor less experienced analysts and act as team leader on more complicated systems projects.

Qualifications:

Education and Experience:

• Education: Bachelor's Degree (accredited) in Computer Science, MIS, Business Administration or similar area of study or in lieu of degree, High School Diploma or GED (accredited) and four years of relevant work experience.

Experience: Seven years of prior work experience (in addition to education requirement).

Certificates, Licenses, Registrations or Other Requirements:

One or more of the following is required:

• Certified Information Systems Security Professional (CISSP).
• Certified Information Systems Auditor (CISA).
• Certified Information Security Manager (CISM).

Other Knowledge, Skills or Abilities Required:

Technically advanced or in-depth knowledge or skills in one or more of the following is required:

• Fortune 500 experience.
• Deep understanding of application security principles and secure coding practices
• Ability to design and implement security controls in CI/CD pipelines
• Strong analytical and problem-solving skills with attention to detail
• Excellent communication and collaboration skills to work with cross-functional teams
• Ability to produce clear and actionable security reports and dashboards for stakeholders
• Ability to create and deliver presentations targeted to either end users or senior management
• Experience in several or more of the following application security technologies: SAST (Static Application Security Testing), DAST (Dynamic
• Application Security Testing), IAST (Interactive Application Security Testing), SCA (Software Composition Analysis / open-source dependency scanning), API security (API discovery, auth testing, schema validation, runtime protection), RASP (Runtime Application Self-Protection), Pen-test automation / BAS for apps (continuous validation of controls) and SBOM (software bill of materials) & supply chain security provenance/attestation
• Experience in the areas of change control, problem management, incident management troubleshooting security solutions
• Ability to handle successfully multiple projects at one time

Salary: $150,000 - $170,000k per year (based on experience) plus bonus + benefits.

About The Company

Peterson Technology Partners (PTP) is an Equal Opportunity Employer committed to creating a transparent, inclusive, and human-centered hiring experience.

For more than 28 years, PTP has operated as one of the top IT staffing and recruiting firms in the USA built on trust, long-term partnerships, and technical excellence.

Based in the Chicago suburb of Park Ridge, IL, our team of more than 500 employees and consultants is dedicated to:

Helping every client make the best hiring decisions possible

Matching professionals with the right IT jobs and career opportunities

As part of that commitment, we believe in providing clear information about how our hiring technologies work and how your data is used. The following section outlines our AI-assisted interview process and your rights as a candidate.

AI-Assisted Interview Experience (Pete & Gabi Rebecca)

To provide a consistent, fair, and flexible experience for all candidates, we use AI-assisted tools to support parts of the interview process. This includes our proprietary AI platform Pete & Gabi, which includes AI recruiter Rebecca.

These AI hiring tools help us:

• Transcribe interviews
• Summarize candidate responses
• Generate job-related insights
• Streamline communication and scheduling

Please note that:

The AI does NOT make hiring decisions; all decisions are made by our human recruiters, hiring managers, or client partners.

The AI does not evaluate facial expressions, emotions, or physical traits; it is used only to support fairness, consistency, and efficiency.

If you prefer a non-AI interview format, we will gladly provide an alternative.

Technical or Case Interviews (Role-Dependent):

When applying for certain tech jobs, you may participate in:

• A technical interview
• A coding challenge
• A case study
• A client-specific assessment

We will always explain what to expect in advance so you can prepare with confidence.

Human Review & Selection:

Every candidate's profile including interviews, conversations, and assessments is reviewed by experienced recruiters and hiring leaders.

AI insights may assist with organization and evaluation, but final decisions are always human-driven.

Your Rights as a Candidate:

At PTP, every candidate has the right to:

Request a non-AI interview path

Ask how your data is being used

Request access to transcripts or interview recordings

Request deletion of your AI-recorded interview

Receive clear, timely communication

Our goal is to ensure you feel respected, informed, and supported throughout your experience.

Our Commitment:

For more than 28 years, PTP has focused on putting people first candidates, consultants, employees, and clients.

We're committed to a hiring process that is:

• Transparent
• Compliant
• Equitable
• Powered by innovative technology that enhances not replaces human judgment

Welcome to the future of hiring at Peterson Technology Partners.

We're excited to learn more about you.

Equal Employment Opportunity:

Peterson Technology Partners is an Equal Opportunity Employer. All qualified applicants will receive consideration without regard to race, color, religion, national origin, gender identity, sexual orientation, disability, veteran status, or any other protected characteristic.