Great Value Hiring is seeking a SecOps Engineer to enhance their security operations. The role involves performing secure code reviews, managing application-layer vulnerabilities, and developing security automation tools while collaborating with development teams to ensure secure coding practices.
Responsibilities:
- Perform expert-level secure code reviews with a focus on OWASP Top 10 and CWE vulnerability classes
- Identify, triage, and remediate application-layer vulnerabilities, including broken access control, IDOR, SQL injection, command injection, and deserialization flaws
- Develop and maintain security automation tools using Python, GoLang, or JavaScript/TypeScript to streamline vulnerability detection and remediation processes
- Conduct and document penetration tests, collaborating cross-functionally to drive remediation initiatives
- Advise development teams on secure coding practices, bringing a proactive security mindset into the software lifecycle
- Stay informed of emerging threats and incorporate best practices within the customer's environments
- Communicate effectively through detailed written reports and verbal briefings, ensuring security findings are clearly understood and actionable
Requirements:
- 5+ years of hands-on experience in software engineering or security operations with a focus on application-layer security
- Proficiency in Python, GoLang, Rust, JavaScript, and TypeScript
- Demonstrated expertise in secure code review and professional penetration testing
- Strong familiarity with OWASP Top 10, CWE, and modern vulnerability classes
- Proven ability to detect, prioritize, and remediate vulnerabilities in production applications
- Exceptional written and verbal communication skills, with a strong emphasis on clarity and detail
- Fluent English and availability for 6+ hours of overlap with Eastern Time
- Experience deploying, integrating, or maintaining vulnerability management platforms
- Certifications such as OSCP, GIAC, or equivalent are advantageous
- Background in cloud or container security practices