Type
Full time
Related skills
kubernetes, oauth 2.0, jwt, sast, dast
Description
- Embed security into the SDLC by partnering with Engineering to implement secure design patterns, conduct threat modeling, and deliver developer-focused AppSec training
- Lead and perform application security assessments including SAST, DAST, SCA, and manual code review across web, mobile, and API surfaces
- Drive API security across internal and external services, including authentication, authorization, rate limiting, and abuse prevention controls
- Own and mature the vulnerability management program, including prioritization frameworks, SLA tracking, and cross-functional remediation coordination
- Champion software supply chain security initiatives, including SBOM generation, dependency risk analysis, and third-party component vetting
- Respond to and lead security incidents in a measured, programmatic, and timely manner, from identification through post-incident review
Requirements
- 5–7 years in security engineering or AppSec
- Strong communication translating risk for engineering and leadership
- Hands-on SAST/DAST; Semgrep, Snyk, Checkmarx, Burp Suite Pro
- End-to-end incident response experience
- Cloud-native security (IAM, Kubernetes, serverless)
- API security knowledge: OWASP API Top 10, OAuth 2.0/OIDC, JWT
- AI/LLM security familiarity (OWASP LLM Top 10)
Benefits
- Market-leading medical, dental, and vision insurance
- Stock options
- Free Premium-Tier Origin Financial Wellness subscription
- Monthly home-office stipend
- 401k (TransAmerica)
- 11 paid company holidays