Senior Security Engineer
Tasks
- Apply policy as code controls
- Architect security controls for software development lifecycle
- Author security baselines aligned to CIS benchmarks
- Build and govern SBOM program
- Conduct threat modeling workshops using STRIDE
- Configure secrets injection in CI/CD
- Define SSDLC security requirements and review gates
- Define cloud security baselines and validate compliance
- Define pipeline access controls and service permissions
- Deploy and operate CSPM tooling
- Deploy and operate DAST tooling
- Deploy and operate SAST tooling in CI/CD
- Detect and remediate hardcoded credentials
- Enforce branch protection and signed commits
- Ensure code signing for release pipelines
- Implement IAM and network security standards
- Implement pipeline security gates
- Implement pre-commit hooks and PR scanning
- Implement repository code scanning and secret detection
- Integrate SBOM generation into build pipelines
- Integrate SCA for dependency vulnerability detection
- Monitor cloud misconfigurations and permission drift
- Operate secrets management and secrets rotation
- Partner with SOC to connect telemetry to detection response
- Validate baseline compliance across cloud, OS, and container layers
Perks/Benefits
- N/A
Skills/Tech-stack
Admission Controller | Application Security | Branch protection | Burp Suite | CI/CD | CSPM | Checkov | Cloud Security | Cloud Security Posture | Cloud Security Posture Management | Code Signing | Composition analysis | Container Security | DAST | DevSecOps | Falco | IAM | Image scanning | Kubernetes | Kubernetes admission controller | Kubernetes security | Network Security | OPA/Rego | OWASP Top 10 | OWASP ZAP | Policy-as-Code | Posture Management | Repository Security | Risk Prioritization | Runtime Security | SAST | SBOM | SBOM generation | SCA | SSDLC | STRIDE | Secret detection | Secrets management | Security posture management | Sentinel | Software Composition | Software Composition Analysis | Terrascan | Threat modeling | Vulnerability Management | Vulnerability Risk Prioritization
Education
Roles
Engineer | Security | Security Engineer | Senior Security Engineer