
Sr. Security Engineer
ButterflyMXabout 3 hours ago
Responsibilities
- Lead application security reviews and threat modeling sessions.
- Continuously improve SAST, DAST, and SCA tooling.
- Plan and execute internal penetration tests and support third-party assessments.
- Own the vulnerability management lifecycle from discovery to validation.
- Develop secure coding standards and training materials.
- Integrate security tooling into CI/CD pipelines.
- Investigate security incidents and provide remediation recommendations.
- Partner with Product and Engineering on security architecture decisions.
- Stay current on emerging threats and support continuous program improvement.
Requirements
- 5+ years of experience in application security.
- Strong understanding of web application and API security fundamentals.
- Experience operating SAST/DAST/SCA ASPM tools.
- Fluency in scripting or development languages like Python or JavaScript.
- Experience designing and executing penetration tests.
- Familiarity with cloud security, preferably AWS.
- Comfortable in a regulated environment like SOC 2.
- Excellent written and verbal communication skills.
- Relevant certifications such as OSCP or CEH are a plus.
- Proven experience leveraging AI tools in security practices.
Benefits
- Comprehensive Medical, Dental and Vision plans starting day 1.
- 401(k) plan with a match.
- 10 paid holidays, 20 vacation days, 5 sick days, and 3 floating holidays.
- 100% coverage of Basic Life and Accidental Death Insurance.
- 100% coverage of Short and Long Term Disability.
- Paid Family Leave and Employee Assistance Program.
- Quarterly self-care stipends.
- Access to optional pre-tax flexible healthcare spending accounts and other benefits.