Senior Application Security Engineer

As a DevSecOps Engineer, you will play a key role in safeguarding product offerings and cloud infrastructure. Working within the Cloud and Application Security team, you'll focus on designing, deploying, and automating cloud and application security solutions across the organization. This position emphasizes collaboration with DevOps Engineers and Application Developers to create a secure multi-cloud environment, building scalable security practices and policies to support the company's growth.

Key Responsibilities :

• Develop and manage security toolsets and platforms (e.g., SAST/DAST/IAST tools, vulnerability management for containers, cloud platforms, SIEM, etc.).
• Monitor and resolve cloud misconfigurations and detect intrusions in a multi-cloud environment.
• Integrate log management and monitoring tools to ensure alerting and automation processes are effective.
• Conduct evaluations of security controls, infrastructure, and processes, proposing mitigation strategies when necessary.
• Investigate and respond to security incidents, collaborating with leadership and the security operations team on findings and remediation.
• Support Application Security Engineers to secure cloud platforms and products.

Required Qualifications :

• Bachelor’s degree or equivalent experience/training. Information security and cloud certifications are beneficial.
• Experience securing SaaS applications and familiarity with AWS security tools (e.g., Inspector, GuardDuty, CloudFormation).
• Proficiency in infrastructure as code (e.g., Terraform, CloudFormation).
• Strong scripting and automation skills using Python or similar languages.
• Hands-on experience with CI/CD pipelines, security integration, and tools such as Jenkins and Ansible.
• Ability to evaluate vulnerabilities, analyze security logs, and assess threats.

Skills & Competencies :

• Solid understanding of information security architecture, risk mitigation, and threat management.
• Experience with SOC, CSIRT, and SecOps systems, digital forensics, and malware analysis.
• Knowledge of industry standards and guidelines (e.g., ISO, ITIL, NIST, SANS, CIS, PCI).
• Strong communication skills for both technical and non-technical stakeholders.

Benefits :

• Discretionary time off (DTO)
• Comprehensive medical, dental, and vision insurance
• Health Savings Account (HSA) with company contribution
• 401K match (6%/3%)
• Paid holidays
• College tuition reimbursement program (STEAM)

This position offers a great opportunity to be part of a cutting-edge security team, driving innovation and security excellence across multi-cloud environments.