Security Engineer

• Design and implement secure CI/CD pipelines with automated security checks integrated into development workflows
• Establish and maintain security scanning tools, including SAST, DAST, dependency scanning, and more
• Develop Policy as Code solutions to enable automated compliance checks
• Establish and drive secure software development lifecycle processes, ensuring security is considered at every development stage
• Define security requirements analysis and threat modeling standards to identify potential security risks during the design phase
• Integrate Static Application Security Testing (SAST) into development IDEs and CI/CD processes
• Conduct pre-production security assessments and penetration testing
• Create security deployment checklists and production environment security monitoring
• Implement security best practices for Infrastructure as Code (IaC)
• Set up and maintain security monitoring, log aggregation, and alerting systems
• Perform vulnerability assessments and penetration testing

• Minimum 3 years of experience in cybersecurity field, DevOps or software development
• Knowledge of the SSDLC
• Extensive experience in software product engineering, deployment, and integration
• Ability to evaluate product performance metrics, as well as diagnose and resolve issues
• Ability to keep up with advancements in the field of technical product development
• Exceptional communication and interpersonal skills

• BS/MS in computer science
• Hold relevant security certifications (CISSP, CCSP, SSCP, CSSLP, CC, CISM, CEH, etc.)
• Experience in compliance management (ISO 27001, SOC2)
• Blue team experience, including SOC operations or threat hunting
• Experience participating in red-blue team exercises or competitions
• Experience in SSDLC process design and implementation
• Familiar with security integration in agile development environments
• Strong English reading and communication skills

Applier