Security Lead / SME || onsite in Chicago, IL

Dice is the leading career destination for tech experts at every stage of their careers. Our client, 1 Point System, is seeking the following. Apply via Dice today!Title; Security Lead / SMELocation: Chicago, ILDuration: 12 MonthsPrimary Skills: Security, SAST, DAST, APIDescription:The consultant will be responsible for end-to-end application security testing across enterprise applications. This includes Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), API security testing, AI/ML platforms, and penetration testing. This role requires deep expertise in identifying vulnerabilities, guiding remediation, and ensuring compliance with industry standards such as OWASP Top 10, CWE, CVE, and NIST guidelines.Required Technical Knowledge & CompetenciesExpertise in SAST, DAST, API security testing, and penetration testing.Strong programming knowledge (Java, .NET, Python, JavaScript) for code level analysis,Background of DevelopmentBuild, maintain, and secure automation pipelines using tools like Jenkins, GitLab CI, or GitHub Actions, ensuring security scans occur at every code commit.Implement and manage security tools, including Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), Container Security (e.g., Trivy), and dependency scanningUse tools like Terraform or Ansible to deploy secure, compliant infrastructure.Proactively identify, prioritize, and remediate security vulnerabilities in application code and infrastructure.Ensure compliance with industry standards (e.g., PCI-DSS, GDPR) by embedding compliance-as-code into the development workflow.Act as a security advocate, working with DevOps and Development teams to foster a "security first" culture. Familiarity with cloud security testing (AWS, Azure, Google Cloud Platform),Experience with container security (Docker, Kubernetes),Excellent communication and stakeholder management skills.Qualifications6-8 years of IT experience, with at least 5+ years in application security testing.Preferred certifications: OSCP, CEH, GWAPT, CISSP