6 days ago
Foster City, CA, USA
Mid Level / Senior
H1B Sponsor
Base Salary
$210k - $270k/yr
Responsibilities
- Perform periodic application security scanning activities and prioritize flaws based on CVSS scores.
- Track, document, and manage vulnerabilities according to strict compliance SLAs.
- Escalate and report critical exposures directly to the CISO and senior leadership.
- Maintain the organization's Software Bill of Materials (SBOM) for compliance.
- Collaborate with development teams to provide clear mitigation paths and patch code.
- Configure and tune automated security testing tools within CI/CD pipelines.
- Assist Incident Response teams during active breaches or security incidents.
Requirements
- 5 years of experience in Application Security, DevSecOps, or Software Engineering roles.
- Solid foundational experience in a software development capacity.
- Ability to read, understand, and patch security flaws in JavaScript/TypeScript, Python, and Go.
- Strong familiarity with build systems, package managers, and compilation workflows.
- Hands-on experience with SAST, SCA, and Secret Scanning tools.
- Understanding of vulnerability management in relation to security compliance frameworks.
Benefits
- Competitive Salary & Equity.
- 401(k) Program with a 4% match.
- Health, Dental, Vision and Life Insurance.
- Short Term and Long Term Disability.
- Paid Parental, Medical, Caregiver Leave.
- Flexible Time Off (FTO) + Holidays.
- Commuter Benefits (In-Office Only).
- Monthly Wellness Stipend.
- Autonomous Work Environment.
- In Office Set-Up Reimbursement (In-Office Only).
- Quarterly Team Gatherings.
- In Office Amenities (In-Office Only).
