Security Engineer III - Application Penetration Tester

We are hiring for full time hybrid (2 days) role in our Chicago office.

If candidates are outside of Chicago area relocation will be mandatory.

We cannot support remote or out of state employment.

Description

The Application Penetration Tester is responsible for performing manual application security assessments (application pentests) and communicating any findings to the Development and QA teams. Additionally, the engineer will provide application design support and security best practice guidance, in the form of consultations, to various development teams and Business stakeholders.

You will be working with a team of highly skilled Application Security Engineers that are responsible with the application security and security testing of CME Group's applications and services. This is a great environment to get exposure to a wide array of technologies and progress your application security career, while providing value to CME and helping to ensure that our applications are designed and coded in a secure fashion.

Requirements

• 6 years' experience performing whitebox application penetration testing (Web, APIs, Thick clients); or ability to demonstrate equivalent knowledge.
• Excellent skills with application security testing tools such as : Burpsuite, OWASP ZAP, SQLMap, IDA Pro, Kali, etc.
• Experience performing manual application source code security reviews for various languages such as : Java, .Net (C#, VB#), C .
• Experience working with containers (Kubernetes) and cloud technologies (GCP preferred).
• Experience with UNIX or Linux.
• Experience with scripting languages such as : Python, bash, Powershell, etc.
• Have a passion for application security, willingness to continue growing your skills in this domain, and be able to share your passion and learnings with teammates.
• Self-motivated and a self-starter. If you have a question, be pro-active in finding the answer and communicate your learnings with teammates.
• Excellent oral and written communications skills.

Nice to have :

Principal Accountabilities

Education

LI-Hybrid

LI-DS

dice

CME Group is committed to offering a competitive total rewards package for our employees that recognizes their contributions to the business and reflects our long-term investment in their future. The salary range for this role is $98,100-$163,500. Actual salary offered will be dependent on a wide array of factors including but not limited to : relevant experience, skills, education and comparison to internal employees (where relevant). Our compensation program also includes an annual target bonus opportunity for all employees, as well as the opportunity to become an owner in the company through our broad-based equity program. Through our Benefits program, we strive to offer flexibility, value and choice. From comprehensive health coverage, to a retirement package that includes both a 401(k) and an active Pension Plan, to highly competitive education reimbursement provisions, paid time off and a mental health benefit, CME Group offers a holistic Benefits package for our team and their dependents.

CME Group : Where Futures are Made

CME Group is the world's leading and most diverse derivatives marketplace. But who we are goes deeper than that. Here, you can impact markets worldwide. Transform industries. And build a career by shaping tomorrow. We invest in your success and you own it - all while working alongside a team of leading experts who inspire you in ways big and small. Problem solvers, difference makers, trailblazers. Those are our people. And we're looking for more.

Salary : $98,100 - $163,500