Key skills
AWSDockerEC2KubernetesPythonBashPowerShellEKSRDSIAMCI/CDOWASP
About this role
Role Overview
- Architect and implement secure AWS configurations (IAM roles/policies, encryption keys, VPC segmentation)
- Embed security into CI/CD pipelines and repos using policy-as-code tools (pre-commit hooks, SAST/SCA, IDE tool integrations)
- Secure container and orchestration environments (EKS, Kubernetes, Docker) per best practices
- Conduct threat modeling sessions and risk‑driven design reviews early in development
- Perform secure code reviews and static/dynamic analysis; oversee remediation with dev teams
- Automate repetitive security tasks—vulnerability triage, code scanning, tool orchestration
- Build and extend in-house AppSec automation frameworks or pentest tooling
- Partner with security architecture and detection teams (SIEM tuning, logging, telemetry alignment)
- Develop and enforce AppSec standards and patterns across product teams; iterate through feedback loops
- Support regulatory or compliance assessments (PCI, CCPA, GLBA) as needed
Requirements
- 4+ years’ experience in application security engineering, DevSecOps, or security platform engineering
- Deep familiarity with CVSS, MITRE ATT&CK frameworks, OWASP Top 10 and CWE taxonomy
- Proven experience with AWS core services: IAM, KMS, VPC, EC2, RDS, EKS
- Hands-on expertise in securing IaC and CI/CD pipelines; strong knowledge of policy-as-code tooling
- Container security experience: Docker, Kubernetes, EKS-related threat surfaces
- Solid threat modeling and secure code review skills; SAST/SCA tool proficiency
- Experience scripting automation (e.g. Python, Bash, PowerShell) to streamline AppSec tasks
- Capability to lead in-house AppSec frameworks or tooling development
- Strong communicator, able to translate technical findings to non-technical stakeholders
- Track record of defining and institutionalizing security architecture patterns
Tech Stack
- AWS
- Docker
- EC2
- Kubernetes
- Python
Benefits
- Competitive base salary, stock options, and health benefits from Day 1
- 401(k) plan with company match
- Remote-friendly (US), flexible time off (FTO), and opportunities for growth
- A high-growth, mission-driven, inclusive culture where your work has real impact