Sr. Information Security Engineer

Job Description

• Analyzing results from SAST, DAST, and SCA tools and providing actionable remediation guidance.
• Collaborating with developers to resolve vulnerabilities and promote secure coding practices.
• Developing and maintaining security guidelines aligned with OWASP Top 10 and SANS Top 25.
• Conducting threat modeling and application-level risk assessments.
• Providing expertise on container security in Azure.
• Tracking and managing remediation efforts.
• Building and maintaining vulnerability management processes.
• Partnering with DevOps to embed security controls into CI/CD pipelines.
• Creating security documentation.
• Leading penetration testing initiatives.
• Supporting incident response efforts.
• Overseeing the organization’s vulnerability management program.

• 8+ years in information security, including 4+ years in application security.
• 3+ years of experience in cloud environments (Azure or AWS).
• Deep knowledge of SAST, DAST, and SCA tools and remediation strategies.
• Strong grasp of OWASP Top 10, SANS Top 25, and secure development principles.
• Proven ability to guide engineering teams through vulnerability remediation.
• Excellent analytical and communication skills.
• Experience with threat modeling and risk assessment.

• Flexible time off
• Comprehensive medical, dental, and vision plans
• Family planning benefits
• 401(k) retirement savings plan with company match
• Health savings account with company contributions
• Flexible spending account
• Life, accident, and disability coverage
• Business travel insurance
• Employee assistance programs