Related skills
kubernetes, ci/cd, sast, sca, burp suite
Description
- Own the pipeline: optimize SAST/SCA/Secrets in CI/CD for actionable alerts.
- Be a security champion: partner with Eng/Prod to bake security in from design to deployment.
- Threat modeling: lead architectural threat modeling; translate threats into tests.
- Code-level remediation: provide fixes via deep-dive reviews.
- Secrets management: remove hard-coded secrets; promote automated secrets.
- Incident response and comms: support IR and present findings to leaders.
Requirements
- 3+ years in Software Development or Application Security.
- CI/CD security tooling: SAST/DAST/SCA in GitHub Actions, GitLab CI, or Jenkins.
- OWASP WSTG/MASTG knowledge and threat actor mindset.
- Threat modeling experience to identify architectural risks before code.
- Familiar with OWASP Top 10 for LLMs; guardrails for AI integration.
- Incident response experience; AppSec perspective to scope exploits and patches.
Benefits
- Company-subsidized medical, dental, and vision plans.
- 401(k) plan with company match.
- Annual bonus.
- Flexible PTO (2 weeks strongly encouraged).
- Generous paid parental leave and disability benefits.
- Company equipment provided (Windows and Mac options).