Application Security Analyst!
Are you passionate about securing applications and helping development teams build software that is resilient against evolving cyber threats? We are seeking a detail-oriented, curious, and collaborative Application Security Analyst to play a critical role in strengthening our application security program.
This is a new and exciting opportunity where you'll work closely with software development, business systems, information technology, and other teams to identify vulnerabilities, implement security best practices, and integrate security throughout the Software Development Lifecycle (SDLC). If you're an application security professional or developer who thrives in a fast-paced environment and enjoys solving complex security challenges, we'd love to hear from you.
Location/Schedule- Hybrid schedule with 3 days/week at our corporate office in Lake Forest, IL.
- Flexibility to be assigned an 'on call' schedule approximately once every 6 weeks.
- Local Northern IL/Southeast WI candidates only!
What You'll Do- Perform static and dynamic application security testing (SAST/DAST) using tools such as Veracode, Checkmarx, or Burp Suite
- Identify and analyze vulnerabilities, partnering with developers to drive timely, effective remediation
- Configure and optimize Web Application Firewall (WAF) rules; monitor logs to detect and mitigate threats
- Participate in secure design reviews, threat modeling, and architecture assessments
- Support API security, including authentication methods (OAuth, API keys) and secure data handling practices
- Track remediation efforts across teams, validate fixes, and document closure of vulnerabilities
- Maintain clear, up-to-date documentation on AppSec processes, tools, and standards
- Stay current on OWASP Top 10, SANS CWE Top 25, and emerging application-layer threats
What We're Looking For- Bachelor's degree in Computer Science, Cybersecurity, Information Technology, or a related field- preferred
- 2+ years' experience in application security or software development with security responsibilities or 4+ years' experience in lieu of education
- Certifications in CSSLP, CASE, or GWEB- preferred
- 2 years' experience performing SAST and DAST
- Strong understanding of secure coding practices and SDLC integration
- Hands-on experience with AppSec tools and vulnerability management such as Veracode, Checkmarx, or Burp Suite
- Ability to translate technical findings into actionable guidance for developers
- Curiosity and commitment to staying ahead of evolving cyber threats
- Strong communication and collaboration skills
Compensation The annual salary range for this role is $ 67,980 to $108,768. This role is eligible for an annual bonus opportunity. A specific salary offer considers factors including but not limited to skill sets, experience and training, licensure and certifications, and other business and organizational needs. It is not typical for an individual to be hired at or near the top of the salary range and compensation decisions are dependent on the facts and circumstances of each case.
Consumers Credit Union provides eligible employees an opportunity to participate in our medical (High Deductible, HMO and PPO), dental, vision, spending accounts, short-term disability, long-term disability, life insurance and other plans effective date of hire. You will be eligible to participate in the 401(k) savings plan at any time. You will be automatically enrolled in the pension plan following six months of employment and 1,000 hours of service and reaching age 20.
For more information about benefit offerings, please visit our careers page: https://www.myconsumers.org/about/what-we-do/careers
