Application Security Engineer Jobs in Chicago
Securing applications is a critical need, and Chicago's robust tech landscape offers significant opportunities for Application Security Engineers. From the high-frequency trading floors of LaSalle Street to innovative healthtech startups, companies in the Windy City are actively seeking experts like you to fortify their software against evolving threats. You'll find a dynamic environment where your skills in threat modeling, secure SDLC, and code review are highly valued. Chicago boasts a thriving tech scene, particularly strong in fintech, healthtech, and logistics. This diversity means a wide array of challenges and growth paths for AppSec professionals, allowing you to apply your expertise across various complex systems. Prepare to join an ecosystem that values both cutting-edge technology and a collaborative spirit, driving innovation in secure application development.
The Market
Chicago hiring landscape
Chicago's market for Application Security Engineers is currently experiencing high demand, driven largely by its dominant fintech, quant trading, and healthtech sectors. These industries, managing sensitive data and high-value transactions, have a continuous, urgent need for robust application security. The hiring temperature is warm, with companies investing in strengthening their security postures against sophisticated cyber threats. Recent shifts show increased emphasis on cloud security, API security, and integrating security earlier into the development lifecycle, moving beyond traditional perimeter defenses.
Demand
High demand
Competition
Moderately competitive
Hub for
fintech / quant trading, healthtech, logistics
Salary range
Quoted in USD · base + typical equity for Chicago
Salaries in Chicago for Application Security Engineers typically represent total compensation (base salary + equity/RSUs + bonuses). While slightly lower than coastal tech hubs, the lower cost of living in Chicago often results in comparable or even higher net purchasing power. Equity grants are common, especially at mid-to-senior levels in tech and trading firms, significantly impacting total annual compensation.
See full application security engineer salary breakdown for ChicagoWhere to apply
Top employers in Chicago
Citadel
As a global financial institution and hedge fund, Citadel has incredibly stringent security requirements for its trading platforms and proprietary technology, offering complex AppSec challenges.
High-performance trading systems, C++, Python, low-latency applications, advanced threat modeling, quantitative security.
Google (Chicago office)
Google's Chicago office focuses on Cloud (Google Cloud Platform) and enterprise products, necessitating robust application security for large-scale distributed systems and customer-facing services.
Cloud security (GCP), large-scale web applications, Python, Go, Java, secure software development lifecycle (SSDLC).
Relativity
A leading legal tech company, Relativity handles vast amounts of sensitive client data, making application security crucial for maintaining trust and compliance in their e-discovery platform.
.NET, C#, Azure Cloud, data privacy, compliance (e.g., GDPR, CCPA), secure code review, SAST/DAST.
Tempus
Operating at the intersection of AI and healthcare, Tempus manages highly sensitive patient genomic and clinical data, demanding top-tier application security for its analytical platforms.
Python, AWS, healthcare data security (HIPAA), machine learning security, data privacy frameworks, microservices security.
Grubhub
As a major food delivery service, Grubhub processes millions of transactions and user data daily, requiring robust AppSec to protect both consumer and restaurant partner information.
Java, Python, AWS/GCP, API security, mobile application security, e-commerce security, microservices architecture.
Morningstar
A global financial services firm, Morningstar provides investment research and data, making application security essential for protecting proprietary data and client financial information.
Financial platforms, .NET, Java, cloud security, data integrity, compliance (FINRA, SEC), secure API design.
TransUnion
A global information and insights company, TransUnion handles vast amounts of consumer credit data, making application security paramount for data protection and regulatory compliance.
Large-scale data systems, Java, cloud environments, data privacy, regulatory compliance, identity and access management.
UChicago Medicine
As a leading academic medical center, UChicago Medicine develops custom applications for patient care and research, where securing health information is of utmost importance.
Healthcare applications, EMR systems, HIPAA compliance, cloud security (Azure/AWS), secure coding standards, medical device security.
Playbook
Apply smarter, not faster
Target Chicago's fintech and trading firms specifically.
These companies, like Citadel or Optiver, have a high demand for AppSec talent due to the criticality of their systems and the sensitive nature of financial data. Tailor your resume to highlight experience with low-latency systems, quantitative security, or regulatory compliance.
Showcase your threat modeling skills with a case study.
Application Security roles in Chicago frequently involve being a 'no' person, but successful candidates demonstrate how they enable secure development. Present a project where you identified threats early and proposed practical, developer-friendly mitigations, showing you understand business context.
Network within Chicago's cybersecurity communities.
Attend local meetups for OWASP Chicago, ISC2 Chicago Chapter, or other tech events. Many opportunities are shared through word-of-mouth, and demonstrating local engagement can provide a significant advantage in a competitive market.
Highlight experience with cloud-native security and API security.
Many Chicago companies, from startups to large enterprises, are heavily invested in cloud platforms (AWS, Azure, GCP) and microservices architectures. Emphasize your ability to secure APIs, containers, and serverless functions to stand out.
Demonstrate impact beyond just 'finding bugs'.
Hiring managers in Chicago want AppSec Engineers who can integrate security into the SDLC. Describe how you influenced developer teams, built security tooling, or reduced remediation cycles, proving your ability to drive change and measure success.
Tailor your resume for ATS systems prevalent in Chicago.
Many Chicago tech companies, especially mid-to-large size, use Greenhouse or Lever. Optimize your resume with keywords from job descriptions and ensure it's parseable to increase your chances of getting past initial screening filters.
Visa & relocation
Working in Chicago
For non-US citizens, a visa is typically required to work as an Application Security Engineer in Chicago. Many large tech firms, fintech institutions, and healthtech companies in Chicago have strong track records of sponsoring H-1B visas and supporting green card applications. Employers in these sectors are generally familiar with the process due to the high demand for skilled tech talent. English is the universal language of business in Chicago, so fluency is expected. While relocation packages vary, many companies offer assistance with moving expenses, temporary housing, and immigration legal fees, particularly for mid to senior-level roles.
FAQ
Application Security Engineer jobs in Chicago
What you should know.
Salaries for Application Security Engineers in Chicago range from approximately $95,000 for junior roles to over $260,000 for senior positions, including base salary, equity, and bonuses. These figures represent total compensation and are competitive given Chicago's lower cost of living compared to coastal tech hubs.
Browse