
Principal Application Security Engineer

Our client is seeking a Principal Application Security Engineer to join their team. The Principal Application Security Engineer will be responsible for defining and driving the application security strategy across the organization. This role ensures secure design and development practices are embedded within the software development lifecycle (SDLC) and DevSecOps pipelines. The architect will lead efforts to implement security tooling, establish reporting frameworks, and collaborate with developers, infrastructure teams, vendors, and security stakeholders to maintain a robust application security posture.

Duties and Responsibilities:

To perform this job successfully, an individual must be able to perform each duty satisfactorily. Other ancillary duties may be assigned.

- Lead the design and implementation of application security architecture and engineering across enterprise applications, partnering with software development, infrastructure, and platform teams to secure cloud-native and on-prem environments.
- Embed security controls and best practices into CI/CD pipelines and DevSecOps workflows, driving adoption of secure coding standards and threat modeling across engineering teams.
- Evaluate, implement, and operate application security tooling (e.g., SAST, DAST, IAST, container security and related capabilities), ensuring solutions are effective, scalable, and well-integrated.
- Define, develop, and maintain application security metrics, reporting, and dashboards to provide visibility to leadership and key stakeholders.
- Engage and collaborate with third-party vendors to assess and validate the security capabilities of applications and services.
- Provide guidance and mentorship on application security standards, risk management, and compliance requirements to elevate security maturity across teams.
- Participate in occasional off-hours support as needed to support troubleshooting or emerging threats.
- Provides day-to-day management for the Information Protection function, responsible for security technologies utilized to protect data and networks.
- Participates in Information Security Office leadership team to drive innovative security solutions, and collaboration with other IT and global functions.
- Responsible for managing the work environment, identifying workforce needs and ensuring performance against expectations, values and vision.
- Manages security audit and intrusion detection system logs for system and network anomalies and provides highest level analysis.
- Responds to unique, highly complicated, suspicious or malicious events detected through collection or reported by Help Desk or users.
- Provides technically advanced remediation and application event support to IT operations and engineering teams.
- Performs initial computer system forensic investigations and supports fraud investigations.
- Provides top level analysis, design and support for log collection of firewalls, routers, networks and operating systems.
- Communicates technical and event assessment results, evaluates engineering and integration initiatives and provides technical expertise to assess security policies, standards and guidelines.
- Develops, collects and analyzes logs from firewalls, intrusion detection systems, enterprise anti-virus systems and software deployment tools.
- Reviews and recommends the installation, modification or replacement of hardware or software components.
- Identifies and addresses any configuration change(s) that impact event collection.

Supervisory Responsibilities:

Will coach and mentor less experienced analysts and act as team leader on more complicated systems projects.

Qualifications:

Education and Experience:

- Education: Bachelor's Degree (accredited) in Computer Science, MIS, Business Administration or similar area of study or in lieu of degree, High School Diploma or GED (accredited) and four years of relevant work experience.
- Experience: Seven years of prior work experience (in addition to education requirement).

Certificates, Licenses, Registrations or Other Requirements:

One or more of the following is required:

- Certified Information Systems Security Professional (CISSP).
- Certified Information Systems Auditor (CISA).
- Certified Information Security Manager (CISM).

Other Knowledge, Skills or Abilities Required:

Technically advanced or in-depth knowledge or skills in one or more of the following is required:

- Fortune 500 experience.
- Deep understanding of application security principles and secure coding practices
- Ability to design and implement security controls in CI/CD pipelines
- Strong analytical and problem-solving skills with attention to detail
- Excellent communication and collaboration skills to work with cross-functional teams
- Ability to produce clear and actionable security reports and dashboards for stakeholders
- Ability to create and deliver presentations targeted to either end users or senior management
- Experience in several or more of the following application security technologies: SAST (Static Application Security Testing), DAST (Dynamic Application Security Testing), IAST (Interactive Application Security Testing), SCA (Software Composition Analysis / open-source dependency scanning), API security (API discovery, auth testing, schema validation, runtime protection), RASP (Runtime Application Self-Protection), Pen-test automation / BAS for apps (continuous validation of controls) and SBOM (software bill of materials) & supply chain security provenance/attestation
- Experience in the areas of change control, problem management, incident management troubleshooting security solutions
- Ability to handle successfully multiple projects at one time

Salary: $150,000 - $170,000k per year (based on experience) plus bonus + benefits.

About The Company

Peterson Technology Partners (PTP) is an Equal Opportunity Employer committed to creating a transparent, inclusive, and human-centered hiring experience.

For more than 28 years, PTP has operated as one of the top IT staffing and recruiting firms in the USA—built on trust, long-term partnerships, and technical excellence.

Based in the Chicago suburb of Park Ridge, IL, our team of more than 500 employees and consultants is dedicated to:

- Helping every client make the best hiring decisions possible
- Matching professionals with the right IT jobs and career opportunities

As part of that commitment, we believe in providing clear information about how our hiring technologies work and how your data is used. The following section outlines our AI-assisted interview process and your rights as a candidate.

AI-Assisted Interview Experience (Pete & Gabi – Rebecca)

To provide a consistent, fair, and flexible experience for all candidates, we use AI-assisted tools to support parts of the interview process. This includes our proprietary AI platform Pete & Gabi, which includes AI recruiter Rebecca.

These AI hiring tools help us:

- Transcribe interviews
- Summarize candidate responses
- Generate job-related insights
- Streamline communication and scheduling

Please note that:

- The AI does NOT make hiring decisions; all decisions are made by our human recruiters, hiring managers, or client partners.
- The AI does not evaluate facial expressions, emotions, or physical traits; it is used only to support fairness, consistency, and efficiency.
- If you prefer a non-AI interview format, we will gladly provide an alternative.

Technical or Case Interviews (Role-Dependent):

When applying for certain tech jobs, you may participate in:

- A technical interview
- A coding challenge
- A case study
- A client-specific assessment

We will always explain what to expect in advance so you can prepare with confidence.

Human Review & Selection:

Every candidate's profile—including interviews, conversations, and assessments—is reviewed by experienced recruiters and hiring leaders.

AI insights may assist with organization and evaluation, but final decisions are always human-driven.

Your Rights as a Candidate:

At PTP, every candidate has the right to:

- Request a non-AI interview path
- Ask how your data is being used
- Request access to transcripts or interview recordings
- Request deletion of your AI-recorded interview
- Receive clear, timely communication

Our goal is to ensure you feel respected, informed, and supported throughout your experience.

Our Commitment:

For more than 28 years, PTP has focused on putting people first—candidates, consultants, employees, and clients.

We're committed to a hiring process that is:

- Transparent
- Compliant
- Equitable
- Powered by innovative technology that enhances—not replaces—human judgment

Welcome to the future of hiring at Peterson Technology Partners.

We're excited to learn more about you.

Equal Employment Opportunity:

Peterson Technology Partners is an Equal Opportunity Employer. All qualified applicants will receive consideration without regard to race, color, religion, national origin, gender identity, sexual orientation, disability, veteran status, or any other protected characteristic.