Senior Security Engineer

What you'll do

• Embed automated security testing (SAST/DAST) into CI/CD pipelines
• Implement safeguards across infrastructure-as-code, containers, and cloud environments
• Automate vulnerability scans and real-time threat responses
• Participate in security triage and vulnerability management
• Ensure compliance with standards like SOC 2 or GDPR within DevOps processes
• Automate manual security tasks to accelerate development
• Build incident response playbooks and threat intelligence defenses

Requirements

• 5+ years of experience as a Security Engineer or similar role
• Strong foundation in CI/CD, automation, and cloud infrastructure
• Strong understanding of cloud security principles (AWS, GCP, or Azure)
• Experience securing CI/CD pipelines (GitHub Actions, GitLab CI, Jenkins, Harness)
• Familiarity with infrastructure-as-code and related security tools
• Proficiency in scripting languages (Python, Bash, etc.)
• Hands-on experience with container security (Docker image scanning, Kubernetes best practices)
• Knowledge of IAM, secrets management, and secure key handling
• Experience with vulnerability scanning, remediation workflows, and risk prioritization
• Ability to identify and mitigate misconfigurations in cloud and IaC environments
• Comfortable collaborating with DevOps, platform, and application teams
• Preferred: Familiarity with compliance frameworks (SOC 2, ISO 27001, NIST)
• Preferred: Experience with security monitoring and incident response
• Preferred: Exposure to SIEM or EDR tools (Splunk, CrowdStrike, Google SecOps)
• Preferred: Experience with SAST/DAST and dependency scanning tools
• Preferred: Familiarity with zero-trust networking concepts
• Preferred: Knowledge of threat modeling and risk assessment practices

Tech stack

Benefits