Change.orgRemote
Senior Security Engineer
United States
Full-time
6 days ago
$165,000 - $194,000 USD
H1B Sponsor Likely
Key skills
Web application securityPython scriptingAWS securityKubernetes securitySecurity scanning toolsVulnerability remediationSecure SDLC practicesCollaboration skillsCommunication skillsPythonRubyElixirAWSKubernetesSDLCCI/CDCloud Security
About this role
Change.org is a social impact business and the world's largest social change platform, seeking a Senior Security Engineer to enhance the security of their global infrastructure and applications. The role involves managing vulnerabilities, conducting vendor security reviews, and automating security tools as part of the engineering team.
Responsibilities:
- Identify, triage, and drive remediation of vulnerabilities across Change.org’s applications and APIs
- Integrate and maintain automated security checks in CI/CD
- Partner with developers on secure design and code reviews for high-impact features
- Strengthen AWS and Kubernetes app-layer security
- Contribute to incident response when product or code-related vulnerabilities are involved
- From time to time the company may require you to work after hours to deal with emergencies
Requirements:
- Strong grasp of web application security fundamentals
- Proficiency in Python or similar for scripting, automation, and integrating security tools
- Experience with security scanning tools and pipeline automation
- Working knowledge of AWS and Kubernetes from an application security perspective
- Ability to clearly communicate risks and collaborate effectively with development teams
- 4–6 years in application or cloud security, or as a software engineer with security responsibilities
- Proven track record of hands-on vulnerability remediation and practical risk reduction
- Exposure to secure SDLC practices and common modern stacks (bonus: Elixir, Node, Ruby)
- Experience building or tuning security automation that improves developer productivity and reduces false positives