Software Engineer, Application Security

Job Description

• Own and lead the vulnerability management lifecycle.
• Implement and manage secure base OS images.
• Continuously scan, monitor, and patch OSS dependencies.
• Research and evaluate trusted open-source security solutions.
• Integrate SAST, DAST, and dependency scanning tools into the CI/CD pipeline.
• Define and maintain best practices for secure coding.
• Develop automated security validation tests.
• Lead the adoption of custom security solutions to manage and mitigate security risks at scale.
• Provide security guidance, training, and mentorship to engineering teams.

• BA/BS in Computer Science, Cybersecurity, or a related field (or equivalent industry experience).
• 5+ years of experience in application security and vulnerability management.
• Deep understanding of software security vulnerabilities, including CVEs, OWASP Top 10, and supply chain risks.
• Experience with SAST, DAST, dependency scanning, and vulnerability management tools.
• Strong familiarity with package managers and securing open-source dependencies.
• Coding experience in languages such as Go, Python, Java, or C++ to develop security test cases and tooling.
• Hands-on experience with cloud-native security best practices across AWS, GCP, or Azure.
• Knowledge of container security, Kubernetes security, and securing microservices architectures.
• Ability to lead cross-functional initiatives and drive security adoption within engineering teams.

• Competitive compensation
• Medical, Vision and Dental coverage
• Flexible work environment and time-off policy
• 401k
• Company events
• Home office improvement stipend
• Annual education stipend
• Wellness stipend
• Healthy lunches and dinners provided daily