Clash
of Jobs
Browse All Jobs
Job Description
Cresta is seeking a passionate Software Security Engineer to bolster its security and compliance team and advance global data protection and cybersecurity initiatives. This role involves defining how AI shapes the future of work, focusing on augmenting knowledge worker effectiveness through AI-driven solutions. The ideal candidate will possess a solid security engineering background and a proactive approach to safeguarding Cresta's assets and customer data.
Responsibilities:
- Implement and collaborate on Product security features
- Mature and extend our DevSecOps pipeline
- Detect, defend, and respond to threats to Cresta and it's customer
- Support SOC2 Type II, ISO 27001 & 27701, PCI-DSS, TISAX, and HIPPA audit processes with technical controls and evidence
- Perform security audits of Cresta's Products and cloud infrastructure and drive remediation of security of risks.
- Improve and monitor Cresta's vulnerability management program to ensure we're monitoring and mitigating known vulnerabilities.
- Develop internal tooling and automation
Requirements:
- 4+ years of experience in application security engineering and cloud security (AWS/GCP)
- Security domain knowledge across many cyber security disciplines
- Experience in static code analysis and remediation
- Experience in security operations (SOC) and incident response
- Working knowledge of Python and Go to develop and collaborate with engineering on product security features
- Experience managing competing efforts and requirements
- Experience with fast growing saas startups
