Senior Application Security Engineer
Tempus AI · Chicago, IL · 2 wk ago
Information Technology$130k–$180k/yrFull-time
Key Responsibilities
- Execute advanced black-box and grey-box penetration tests on web applications, APIs (REST/GraphQL), and internal systems.
- Perform deep-dive mobile security assessments on iOS and Android, including reverse engineering and bypassing client-side controls like root detection and certificate pinning.
- Lead specialized security testing and threat modeling for FDA-regulated medical device software, ensuring compliance with HIPAA, GDPR, and FDA cybersecurity guidelines.
- Develop high-quality technical reports detailing exploit chains and business logic flaws, providing engineering teams with hands-on remediation guidance.
- Automate security testing by developing custom tools and scripts in languages such as Python, Go, or PowerShell.
- Communicate complex security risks and business impacts to executive leadership and cross-functional stakeholders.
- Mentor junior team members and provide security training to development teams to foster a robust culture of security awareness.
Qualifications
- 5+ years of experience in penetration testing, ideally within healthcare or highly regulated environments.
- Expert knowledge of web/API vulnerabilities (OWASP Top 10) and mobile testing frameworks (Frida, Burp Suite, MobSF, Ghidra).
- Understanding of medical protocols (DICOM, HL7) and cloud security practices (AWS, Azure, or GCP).
- Proficiency in scripting languages (Python, JavaScript/TypeScript, Go) and secure SDLC practices.
- Excellent analytical, problem-solving, and interpersonal communication skills.
PREFERRED CERTIFICATIONS
- Offensive Security: OSCP, OSCE, or OSWE.
- Mobile Security: eCMAP or GMOB.
- General/Regulated: CEH, CSSLP, GPEN, GWAPT, or UL 2900 training.
Pay
The expected salary range above is applicable if the role is performed from Illinois and may vary for other locations (California, Colorado, New York). Actual salary may vary based on qualifications and experience.
Benefits
We offer a full range of benefits, which may include incentive compensation, restricted stock units, medical and other benefits depending on the position.
We are an equal opportunity employer. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.