Key skills
SDLCCI/CDLeadershipCommunication
About this role
Role Overview
- Own day-to-day execution of security programme across Application Security, Vulnerability Management, and Governance & Compliance
- Lead threat modelling and security design reviews
- Define and enforce security gates within CI/CD pipelines
- Conduct code and architecture reviews with written findings
- Maintain developer security guidance and secure coding standards
- Own scanner configuration and operational management
- Triage and prioritize vulnerability findings
- Drive evidence collection for ISO 27001, NIS2, and EU CRA compliance
- Coordinate with internal and external auditors
- Respond to enterprise customer security questionnaires
Requirements
- 10+ years of experience in security engineering or architecture
- Demonstrated ownership of vulnerability management or application security programs
- Ability to make independent, defensible risk decisions
- Strong written communication skills
- Experience representing security to engineering leadership and external auditors
- Hands-on experience with vulnerability scanning tools (Qualys or equivalent)
- Practical knowledge of integrating security into the SDLC
- Working understanding of compliance frameworks
- Proven ability to plan work and delegate clearly
- High autonomy; comfortable operating in ambiguity
Tech Stack
- SDLC
Benefits
- Health insurance
- Retirement plans
- Paid time off
- Flexible work arrangements
- Professional development