Staff Supply Chain & Build-System Security Engineer
Tasks
- Build and review SBOMs and AIBOM artifacts
- Build dependency graphs and reachability analyses
- Enforce OIDC and trusted publisher migration
- Harden GitHub Actions and enforce pinned dependencies
- Harden runner deployment and identity scoping
- Identify blast radius
- Investigate malicious package incidents
- Lead customer software supply chain risk engagements
- Prioritize findings by exploitability
- Recommend CI/CD pipeline hardening
- Reverse engineer obfuscated install scripts
- Triage supply chain findings from code scanning pipeline
- Validate true positives and eliminate noise
Perks/Benefits
- N/A
Skills/Tech-stack
AIBOM | Artifact signing | Build provenance | CI/CD | Dependency Pinning | Dependency graphs | Git | GitHub Actions | Go Modules | In-toto | JavaScript | Malware triage | Maven Central | Npm | NuGet | OIDC | PyPI | Python | Reachability analysis | Reverse Engineering | Runner Isolation | Rust | SBOM | SBOM Artifact Signing | SBOM Build Provenance | SLSA | Secrets management | Sigstore | Software Supply Chain | Software supply chain security | Static Analysis | Supply chain security | Trusted Publisher
Education
N/A