Security Engineer

Tasks

• Apply least privilege
• Audit and harden CI CD pipelines
• Build internal bounty workflow tooling
• Conduct threat modeling
• Configure security logging
• Deprovision user access
• Enable supply chain integrity
• Enforce security standards across SDLC
• Establish build provenance
• Hold vendors to service level agreements
• Identify vulnerable dependencies
• Implement network segmentation
• Implement secrets management
• Implement security tooling across stack
• Integrate DAST
• Integrate SAST
• Investigate endpoint alerts
• Manage identity lifecycle access provisioning
• Manage vendor security relationships
• Monitor security alerts
• Onboard security tooling
• Prioritize and track vulnerabilities to remediation
• Remediate vulnerable packages
• Reproduce security vulnerabilities
• Respond to vulnerability reports
• Review and harden cloud access controls
• Rotate encryption keys
• Triage and respond to incidents
• Triaging bug bounty submissions
• Tune EDR detections

Perks/Benefits

• On-site work daily

Skills/Tech-stack

Access Control | Access Management | Access provisioning | Bug Bounty | Bug bounty triage | Build provenance | CI/CD | CI/CD Pipeline | CI/CD pipeline hardening | Cloud Security | DAST | Dependency security | Deprovisioning | Detection and Response | Development Lifecycle | EDR | Endpoint Detection and Response | Endpoint detection | IAM | Identity and Access Management | Identity and access | Key rotation | Least Privilege | Network Segmentation | Pipeline Hardening | SAST | Secrets management | Security Logging | Security operations | Software Development Lifecycle | Software development | Supply Chain | Supply chain security | Threat modeling | Vulnerability Management