Act as a Security Champion across product teams, influencing design and engineering decisions to prioritize security from the outset.
Design solutions that are Secure by Design, integrating threat modeling and security requirements into feature architecture and design reviews.
Promote and enforce Secure Coding standards through CI/CD automation, peer reviews, and development training to reduce vulnerabilities at the source.
Lead Vulnerability Management & Remediation, overseeing identification, risk-based triage, and tracking of remediation efforts for security issues.
Develop and maintain standard security packages (e.g., secure configuration baselines, code templates, CI/CD security integrations) for consistent use across engineering teams.
Conduct and support Penetration Testing, both hands-on and automated to uncover vulnerabilities throughout environments, platforms, and release cycles.
Enable continuous improvement through Collaboration & Enablement, delivering security knowledge transfer, best practices, and feedback loops across teams.
Requirements
3
5 years of hands-on experience in application security (AppSec), DevSecOps, or similar roles.
Software engineer with a keen interest in Security.
At least 2 years of experience working in an engineering team a plus
Deep understanding of secure software development lifecycle (SDLC) and first-principles of secure-by-design engineering.
Skilled in security scanning tools (e.g., SAST, DAST, SCA), incident and remediation workflows, and security automation.
Proficiency in reading and writing code for Java/Python/JavaScript and cloud platforms (AWS/Azure/GCP)
Proven experience with pentesting or red-team engagements, identifying and exploiting application-level vulnerabilities.
Excellent communication skills, you're able to translate technical risks into actionable steps and help engineers incorporate security improvements.
Comfortable building trust as a security mentor and champion, raising security maturity across teams with patience and influence.
Contributions to security tooling/open-source projects.
OSCP, OSCE, GXPN, or similar offensive security certifications a plus
Experience with container sec
Tech Stack
AWS
Azure
Cloud
Google Cloud Platform
Java
JavaScript
Python
SDLC
Benefits
Culture -We put our people first and prioritize the well-being of every team member. We’ve built a company where all opinions carry weight and where all voices are heard. We value and respect each other and always look out for one another. Above all, we are human.
Learning
We have a learning and development-focused environment with an emphasis on knowledge sharing, training, and regular internal technical talks.
Compensation
You’ll receive an attractive salary, pension, health insurance,, Employee Stock Options, annual bonus, plus other benefits.