Senior AI & Application Securi...
National Futures Association · Chicago, IL · 1 wk ago
Information Technology$153k–$272k/yrFull-time
What You'll Do
- Lead the secure design and implementation of both traditional enterprise and AI-powered applications by integrating security throughout the SDLC, performing architecture reviews, threat modeling, and application security testing across cloud and AI environments.
- Lead application security architecture reviews, threat modeling exercises, vulnerability assessments, and secure design assessments for web applications, APIs, cloud native platforms, and AI-enabled solutions.
- Develop the vision, roadmap, and operating model for securing applications, that illustrates how applications, integrations, cloud services, infrastructure, and network architecture work together as a cohesive ecosystem.
- Partner across technology and business teams to define security standards, identify emerging risk, implement proactive controls while developing meaningful metrics that demonstrate risk reduction and program effectiveness.
- Perform secure code reviews and implement remediation of application vulnerabilities.
- Assess and mitigate risks associated with Large Language Models (LLMs), Generative AI, AI agents, and AI assisted development tools.
- Develop, maintain, and adapt to application security standards that are aligned with OWASP Top 10, and industry best practices.
- Utilize security testing tools including BURP, to identify vulnerabilities, validate security controls, and follow through with remediation.
- Design, implement, and optimize Cloudflare security services including WAF, API security, DDoS protection, and Zero Trust capabilities.
- Integrate security controls automated testing, and policy validation into CI/CD pipelines and DevSecOps workflows.
- Collaborate with engineering teams to secure cloud environments and applications hosted in diverse cloud platforms.
- Serve as a SME on application security, AI security, cloud security, and secure software development practices.
- Present security assessments, risk findings, and strategic recommendations to senior leadership and key stakeholders, translating complex technical concepts into actionable outputs.
What We Are Looking For
- Subject matter expert across AI and traditional applications, security architecture, cloud technologies and network infrastructure with a deep understanding of how these domains work together to support secure operations.
- Hands on experience reviewing and writing code in one or more modern programming languages.
- Strong knowledge of secure coding practices, threat modeling, vulnerability management, and Secure SDLC methodologies.
- Expertise with OWASP Top 10, API Security, authentication, authorization, and application layer security controls.
- Experience securing and assessing cloud-native applications and architectures within various cloud platforms, as well as designing secure AI/LLM technologies.
- Experience architecting, implementing, and maintaining Cloudflare-based security protections, including WAF, API security, DDoS defenses, and other web application security controls.
- Strong communications skills with the ability to influence technical teams and drive security initiatives across the organization.
- Demonstrated experience guiding secure applications through the full lifecycle from requirements gathering, and architecture reviews to design, development, deployment, remediation and on-going optimization.
- Deep knowledge of how applications reside and interact across the cloud, network, and infrastructure environment, enabling the development of comprehensive security strategies and roadmaps.
- Experience interpreting and implementing enterprise security architecture principles and governance frameworks, with practical application of NIST SP 800-53, NIST Cybersecurity Framework (CSF) 2.0, NIST AI Risk Management Framework (AI RMF), NIST SP 800-218 (SSDF), and NIST SP 800-207 within application security programs.