13 days ago
Remote, United States
Senior
Base Salary
$185k - $280k/yr
Responsibilities
- Own and lead the vulnerability management lifecycle, ensuring the tech stack is free from known CVEs.
- Implement and manage secure base OS images to harden underlying systems against threats.
- Continuously scan, monitor, and patch OSS dependencies to mitigate supply chain risks.
- Research and evaluate trusted open-source security solutions for potential adoption.
- Integrate SAST, DAST, and dependency scanning tools into the CI/CD pipeline.
- Define and maintain best practices for secure coding.
- Develop automated security validation tests for vulnerability-free deployments.
- Lead the adoption of custom security solutions to manage risks at scale.
- Provide security guidance and mentorship to engineering teams.
Requirements
- BA/BS in Computer Science, Cybersecurity, or a related field, or equivalent experience.
- 5+ years of experience in application security and vulnerability management.
- Deep understanding of software security vulnerabilities, including CVEs and OWASP Top 10.
- Experience with SAST, DAST, and vulnerability management tools.
- Strong familiarity with package managers and securing open-source dependencies.
- Coding experience in languages such as Go, Python, Java, or C++.
- Hands-on experience with cloud-native security best practices across AWS, GCP, or Azure.
- Knowledge of container security and securing microservices architectures.
- Ability to lead cross-functional initiatives and drive security adoption.
- Proactive approach to security, identifying risks before they become problems.
- Excellent problem-solving skills and ability to balance security with performance.
