We are looking for an experienced Security Engineer to join a growing security architecture and engineering team.
The role involves designing and maintaining secure systems, driving threat modeling and risk assessments, defining and enforcing secure development practices, and integrating security tools across the SDLC.
You will lead incident response efforts, mentor engineering teams on security best practices, and collaborate closely with cross-functional teams including DevOps, compliance, and product. The position is onsite.
Responsibilities
Design, develop, and maintain secure application, cloud, and infrastructure systems
Perform threat modeling, security reviews, and risk assessments
Promote secure coding standards (e.g., OWASP, SANS) and conduct code reviews
Integrate security tools (SAST, DAST, vulnerability scanners) into CI/CD pipelines
Lead incident response efforts and coordinate mitigation strategies
Mentor developers and engineers in security awareness and best practices
Collaborate with cross-functional teams throughout the SDLC
Participate in Agile development processes with a focus on secure delivery
Required Qualifications
5+ years of experience in application, cloud, or infrastructure security
Strong understanding of cloud platforms (AWS, Azure, or GCP) and container security
Hands-on experience with programming languages such as Golang or .NET
Familiarity with security standards (OWASP, NIST, ISO 27001, CIS Benchmarks)
Experience with tools like Snyk, Checkmarx, Nessus, Burp Suite, etc.
Proven ability to integrate security into CI/CD environments
Bachelor's or Master’s degree in Computer Science, Cybersecurity, or equivalent military/certification background
Preferred Qualifications
Experience with Kubernetes, Docker security
Knowledge of IAM, SSO, OAuth2, and federated authentication
Familiarity with SIEM tools (Splunk, Datadog, Sentinel)
Understanding of secrets management (Vault, AWS Secrets Manager)
Participation in red/blue team exercises or security incident simulations
Contributions to open-source security projects or published CVEs
Soft Skills
Strong analytical thinking and security mindset
Excellent communication and collaboration skills
Ability to influence engineering teams toward secure development practices
Passion for cybersecurity and staying up-to-date with emerging threats