Related skills
devsecops, kubernetes, ci/cd, oauth 2.0, sast
📋 Description
- Maintain deep AppSec knowledge; conduct threat models and architecture reviews.
- Be the go-to AppSec expert; mentor engineers on secure design and coding.
- Lead automation/integration of vulnerability tooling across pipelines (SAST, DAST, SCA).
- Develop and maintain security patterns and IaC standards; harden containerized apps.
- Lead security tests and quality gates across dev/build pipelines.
- Triage vulnerabilities and drive remediation; participate in on-call rotations.
🎯 Requirements
- 5+ years in software engineering; building and securing production systems; proficient in a language.
- US Citizen or US Permanent Resident.
- AppSec expertise: threat modeling and secure design; architecture reviews.
- API security: OAuth 2.0/OIDC; secure API design.
- Secrets management: HashiCorp Vault, AWS Secrets Manager; automated secrets scanning.
- CI/CD security tooling (SAST/DAST/SCA); IaC patterns; cloud/container security. Familiar with FedRAMP/NIST SP 800-53.
🎁 Benefits
- Medical, dental, and vision insurance.
- Parental leave, life and disability coverage.
- 401(k) with employer matching starting on day one.
- Competitive base salary plus 10% performance bonus.
- Remote-friendly, supportive work environment.