Principal Application Security Engineer at Cboe Global Markets - ScoutJobs - The AI-curated global job board
Skip to content
Cboe Global Markets
Posted 10 days ago

Principal Application Security Engineer

Cboe Global MarketsPrincipal Application Security Engineer

Perks & benefits

Medical InsurancePaid Leave

Requirements

12+ years application security experience, Software engineering background, Proficiency in backend languages (C++, Go, Java, C#, Python, or Node.js), Kubernetes security expertise, DevSecOps tooling integration experience, Hybrid cloud security experience

Skills

KubernetesDevSecOpsPython

About the role

Responsibilities

  • Own secure architecture reviews and threat modeling for new systems, establishing direction for Kubernetes trust boundaries and API authorization models.
  • Define and drive adoption of application and API security standards, including authentication patterns and mitigations for common vulnerability classes.
  • Set technical direction for Kubernetes workload security, including RBAC, pod security controls, namespace isolation, and network policies.
  • Establish container image security strategies, including secure base image standards, vulnerability management, and SBOM practices.
  • Drive the design and adoption of DevSecOps guardrails in CI/CD pipelines, integrating SAST, SCA, secret scanning, and IaC scanning.
  • Lead the secure adoption of AI-enabled development and security capabilities, establishing patterns for secure code review and automated assessments.
  • Own the strategy for risk-based software vulnerability management, including triage, exploitability assessment, and remediation priorities.

Requirements

  • 12+ years of experience in application security, product security, or software engineering.
  • Proven ability to read, write, and review production-grade code in at least one modern backend language (C++, Go, Java, C#, Python, or Node.js).
  • Strong working knowledge of Kubernetes security primitives (RBAC, namespaces, service accounts, pod security) and container build practices.
  • Hands-on experience integrating DevSecOps tooling (SAST, SCA, secret scanning, IaC/container scanning) into CI/CD pipelines.
  • Experience securing hybrid environments with workloads running in both public cloud (EKS, AKS, GKE) and on-premises Kubernetes platforms.
  • Bachelor's degree in Computer Science, Information Security, or a related field preferred.

Preferred Qualifications

  • Relevant security certifications such as CSSLP, CKS, OSCP, or AWS/Azure Security Specialty.

Benefits

  • Medical, Dental, and Vision coverage.
  • 401K or Pension Company Match.
  • Employee Stock Purchase Plan (ESPP).
  • Paid Time Off and Retirement Savings Plan.
  • Life and AD&D Insurance.

About the Company

Cboe Global Markets provides the financial infrastructure that powers the global economy. As a leading provider of market infrastructure and tradable products, Cboe delivers cutting-edge trading, clearing, and investment solutions to market participants around the world.

ScoutJobs Agent

Get matches like this delivered daily

Sign up free — we'll pull jobs that fit your CV from across the web and rank them for you.

Get started — it's free

Principal Application Security Engineer

Cboe Global Markets · Chicago

Sign up to apply