Key skills
AWSAzureCloudCyber SecurityDockerGoogle Cloud PlatformJavaKubernetesPythonGoC#CGCPGoogle CloudSaaSCI/CDCommunicationCollaborationPenetration TestingCloud Security
About this role
Role Overview
- Own and enforce DevSecOps practices across CI/CD pipelines (SAST, DAST, SCA, and other practices)
- Integrate automated security tooling into development workflows; reduce manual security gates
- Partner with development teams to perform secure code reviews and threat modeling
- Drive vulnerability identification, triage, and remediation across infrastructure and applications
- Manage security tooling stack
- Produce and maintain a risk register; track remediation SLAs
- Lead or coordinate internal/external penetration testing cycles
- Manage crowd testing campaigns
- Develop and maintain an incident response playbook; support incident investigations
- Support compliance with SOC 2, ISO 27001, GDPR, and relevant data protection frameworks
- Define and enforce security policies, standards, and developer security training
- Act as the primary security SME for the engineering organization
- Mentor developers on secure coding practices; build a security-first engineering culture
- Interface with external auditors, clients, and the executive team on security posture
Requirements
- 5+ years of experience in DevSecOps, application security, or security engineering
- Demonstrated experience managing security in software development environments (not just ops/infrastructure)
- Strong development background, proficiency in at least 1 language (eg: Python, Go, Java, C#)
- Hands on experience with CI/CD security tooling (SAST/DAST/SCA integration, secrets management)
- Experience with cloud security (AWS, Azure, or GCP) and container security (Docker, Kubernetes)
- Familiarity with SOC 2 or ISO 27001 compliance frameworks
- Excellent English communication skills (written and verbal)
- Preferred/Nice to Have
- Penetration testing experience or relevant certification (OSCP, CEH, GPEN)
- Security certifications (CISSP, CSSLP, AWS Security Specialty, or similar)
- Experience at a B2B SaaS or cybersecurity product company
- Familiarity with insider threat, DLP, or endpoint security product domains
Tech Stack
- AWS
- Azure
- Cloud
- Cyber Security
- Docker
- Google Cloud Platform
- Java
- Kubernetes
- Python
- Go
Benefits
- Competitive compensation
- Flexible paid time off
- Laptop reimbursement
- Ongoing training, development, and career growth opportunities
- We use an open stack of technologies, so you have the chance to learn and evolve
- High complexity of problems to solve, with active feature development
- not just bugs & refactoring
- Collaboration with a forward-thinking team where new ideas come to life, experience is valued, and talent is incubated. You can make an impact quickly.