TWO95 International, IncRemote
Lead Security Engineer
United States
Full-time
5 hours ago
H1B Sponsor Likely
Key skills
JavaScriptPythonJavaAILLMJenkinsGitHub ActionsGitHubSaaSSDLCCI/CDLeadershipOWASPCloud Security
About this role
TWO95 International, Inc is seeking a Lead Security Engineer for a contract position. The role involves overseeing application and cloud security engineering, leading a team, and ensuring secure practices in a multi-cloud environment.
Responsibilities:
- 10+ years of experience in Application or Cloud Security engineering
- 6+ years of experience in Information Security in a SaaS Multi Cloud Environment
- 4+ years in a leadership position
- Proven track record in production support, including on-call responsibilities
- Strong experience with tools like Veracode, Tenable, Wiz, Burp, or equivalent
- Familiarity with secure SDLC concepts, DevSecOps automation, and CI/CD environments (Jenkins, GitHub Actions, or similar)
- Working knowledge of threat modeling, vulnerability management, and container hardening
- Ability to analyze metrics and present clear risk insights to technical and non-technical stakeholders
- Hands-on development experience in at least one language (Python, Java, or JavaScript preferred), with the ability to read, assess, and guide secure code practices across diverse tech stacks
- Experience in AI/LLM security, privacy-by-design, or regulatory frameworks
- Ability to leverage frameworks and standards such as SANS, NIST, ISO, and OWASP
Requirements:
- 10+ years of experience in Application or Cloud Security engineering
- 6+ years of experience in Information Security in a SaaS Multi Cloud Environment
- 4+ years in a leadership position
- Proven track record in production support, including on-call responsibilities
- Strong experience with tools like Veracode, Tenable, Wiz, Burp, or equivalent
- Familiarity with secure SDLC concepts, DevSecOps automation, and CI/CD environments (Jenkins, GitHub Actions, or similar)
- Working knowledge of threat modeling, vulnerability management, and container hardening
- Ability to analyze metrics and present clear risk insights to technical and non-technical stakeholders
- Hands-on development experience in at least one language (Python, Java, or JavaScript preferred), with the ability to read, assess, and guide secure code practices across diverse tech stacks
- Experience in AI/LLM security, privacy-by-design, or regulatory frameworks
- Ability to leverage frameworks and standards such as SANS, NIST, ISO, and OWASP
- BA/BS in Computer Science or a relevant Engineering degree, or relevant experience
- CISSP or similar certification