Python Django Senior Application Security Engineer Hybrid - US
Energy Solutions, Chicago, Illinois
Full Time
Posted November 20, 2025
$119k - $147k
Job Description
A Senior Application Security Engineer responsible for managing and improving the security of internal applications through risk assessment, security controls, code reviews, and compliance, primarily focusing on Django Python development and collaboration with engineering teams.
Key Responsibilities
- Manage security and risk for internal applications by contributing to the application security roadmap and prioritizing risks.
- Consult with engineers to communicate security requirements, create actionable tickets, and drive adoption of security practices.
- Conduct security-focused pull request reviews, provide guidance on refactors, and approve or deny changes with rationale.
- Review static code scans, triage findings, and drive remediation efforts in collaboration with owners.
- Build reference security implementations in Django Python, including authentication, input validation, secrets handling, and access controls.
- Translate SOC 2 and NIST requirements into engineering stories, controls, and automated evidence within CI/CD pipelines.
- Develop and document secure architecture patterns, threat models, and security-related design decisions.
- Oversee security tasks throughout the Software Delivery Life Cycle (SDLC) to ensure compliance.
- Collaborate with development teams and serve as a security architecture subject matter expert.
- Recommend application security improvements based on best practices and security standards.
Requirements
- Minimum of 5 years of experience in application security.
- Practice and implementation with Django Python with a clear application-security focus, including production experience and impact, not just theory.
- Engineering background in software or DevOps SRE with the ability to read, modify code, review pull requests, and build proof-of-concept implementations.
- Experience with GitHub security, including reviewing static code scans, triaging findings, eliminating noise, and driving remediation with owners.
- Experience embedding secure Software Development Life Cycle (SDLC) into Git-based workflows and CI/CD pipelines, including pre-commit hooks, pipeline gates, and policy-as-code.
- Practical knowledge of SOC 2 and familiarity with NIST 800-53, with the ability to translate requirements into technical tasks and evidence.
- Ability to operate across code, application, and DevOps containers, including Infrastructure as Code (IaC) basics, secrets management, and logging and monitoring.
- Clear, persuasive verbal and written communication skills, with the ability to prioritize tasks effectively.
- Excellent time management skills with a proven ability to meet deadlines.
- Excellent interpersonal and negotiation skills.
- Ability to read, review, and make recommendations on secure Django Python patterns.
- Ability to serve as a steward for static application security testing (SAST) scanning, including reviewing scan results, triaging findings, and driving remediation.
- Ability to contribute to application security roadmaps, prioritize risks, and sequence work across codebases, application layers, and DevOps.
- Ability to consult with engineers to communicate security requirements, create actionable tickets and acceptance criteria, and drive adoption.
- Experience with mapping SOC 2 and NIST standards to engineering work, translating requirements into stories, controls, and automated evidence in CI/CD.
- Experience reviewing architecture and code changes for security impact and ensuring compliance with company security policies and standards.
- Ability to act as a liaison between technical requirements from security, privacy, compliance, and development teams.
- Participation as a subject matter expert in security architecture, including new designs and design reviews.
- Strong organizational skills and attention to detail.
- Strong analytical and problem-solving skills.
- Ability to adapt to organizational needs and prioritize tasks according to severity.
- Proficiency in AWS Security services such as CloudWatch and GuardDuty.
Benefits & Perks
Salary range of 119,100 - 147,400 USD annually, with a target compensation of 119,000 to 131,600 USD based on experience and qualifications
Generous retirement package
Medical, dental, and vision insurance
Pre-tax contribution plans
Employee Stock Ownership Plan (ESOP)