Security Engineer

📋 Description

• Lead application security assessments with engineering teams.
• Drive remediation with product and dev teams to resolve findings.
• Integrate and scale automated security tooling across CI/CD (SAST/DAST/SCA/IaC).
• Develop and maintain application security standards and guardrails.
• Drive threat modeling and risk assessments for new features, APIs, services.
• Collaborate with Cloud & Infrastructure Security to align controls.

🎯 Requirements

• 4–8+ years in security engineering or secure software development.
• Hands-on with Semgrep, Burp Suite, Snyk, Trivy for analysis.
• Strong web, API, and mobile vulnerability knowledge (OWASP Top 10, API Top 10).
• Experience leading threat modeling and secure design reviews.
• Familiarity with cloud concepts and securing cloud workloads.
• SDLC collaboration; drive remediation and secure delivery.

🎁 Benefits

• Unlimited time off with a 10-day minimum.
• Flexible working with home-office stipend.
• Comprehensive US health, dental, and vision plans and life insurance.
• 401(k) with 4% company match.
• Equity option plan for all Rainmakers.
• Rain Cards and wellness spending support.