Lead Security Software Engineer
$119,900–$199,800 year
On-site · Chicago, Illinois, United States
Job Summary
Lead Security Software Engineer responsible for designing and implementing secure software solutions across GIS and enterprise groups. Drives secure SDLC standards, architecture, and roadmap planning; mentors and collaborates with external groups; develops secure reference designs and products. Must demonstrate deep software engineering expertise with secure coding principles, unit/integration/system testing, and cloud-native deployments. Requires mastery in at least one primary language, strong scripting for provisioning AWS services, experience with containers (Docker/Kubernetes), CI/CD pipelines, IaC (CloudFormation, Terraform, Ansible), and familiarity with security frameworks and certifications. The role emphasizes cross-team collaboration, design reviews, environment deployment, documentation, and contributing to scalable secure architectures across CME Group. Salary range $119,900-$199,800 with comprehensive benefits; location in Chicago, IL." ,
Required Qualifications
- A Bachelor's or Master's degree in Computer Science, Information Systems or other related field; or equivalent work experience.
- 6+ years of application development and/or infrastructure engineering experience.
- 2+ years of active hands-on experience with application deployments in the Cloud (AWS, GCP, Azure).
- Experience in using DevSecOps tools and frameworks for managing infrastructure as code like (or similar to) CloudFormation, Terraform, Chef, Puppet, Ansible.
- Experience with DevSecOps tools such as Jenkins, Maven, Git, and Ansible.
- Experience working with containers and container systems such as Docker and Kubernetes.
- Experience writing code and scripts to automate provisioning of AWS services and to configure services, using tools and languages including AWS CLI / API, Jenkins, Python, Bash, and Git.
- Experience with Java, Python, JavaScript (Node.js) and possibly .NET (C#, C++).
- Experience with logging/monitoring tools such as CloudWatch and Splunk; ticketing systems such as Jira.
- Familiarity with security certifications such as CISSP, CSSLP, GSSP-*, CASE, CERT Secure Coding, PECB Lead Secure Application Developer (desirable).
- Strong understanding of secure software architectures, secure SDLC disciplines (cryptography, authentication/authorization, secure data handling, auditing, input validation), and modern architectures (microservices, Cloud Native, IaC).
- Excellent oral and written communication skills.
Apply with one swipe on Sorce. We auto-fill applications and apply on your behalf — no cover letters, no 40-minute forms.
Hiring someone like this?
Get your role in front of qualified candidates on Sorce.