About the Role
The role involves identifying and mitigating security risks in software applications, guiding secure coding practices, and working closely with development teams to integrate security into every phase of the development process.
Responsibilities
- Evaluate software designs for potential security flaws
- Conduct regular code reviews with a focus on security
- Identify and classify vulnerabilities in applications
- Develop and maintain security testing procedures
- Collaborate with developers to resolve security issues
- Implement secure coding standards across teams
- Lead incident response efforts for security breaches
- Perform threat modeling for new features
- Integrate security tools into CI/CD pipelines
- Assess third-party components for security risks
- Create and deliver security training for engineers
- Monitor emerging threats and vulnerabilities
- Support compliance with security standards
- Review architecture for security best practices
- Advocate for security improvements in product design
- Automate security validation processes
- Assist in penetration testing activities
- Document security policies and procedures
- Evaluate security implications of new technologies
- Provide guidance during product development cycles
- Ensure secure handling of authentication and authorization
- Improve detection of suspicious activities
- Promote a culture of security awareness
- Work with external auditors during security assessments
- Maintain up-to-date knowledge of attack vectors
Nice to Have
- Master's degree in cybersecurity or related area
- Certifications such as CISSP, OSCP, or CISM
- Experience with large-scale distributed systems
- Background in red teaming or offensive security
- Contributions to open-source security projects
- Public speaking or conference presentations
- Experience in startup environments
- Knowledge of mobile application security
- Experience with hardware security modules
- Familiarity with formal verification methods
Compensation
Competitive salary and benefits package
Work Arrangement
Remote with flexible hours
Team
Small, agile team focused on product innovation and security
Security Philosophy
We believe security should be integrated early and continuously, not added as an afterthought. The right candidate will help us build systems that are secure by design and resilient by default.
Tech Stack
Our stack includes Kubernetes, Go, Python, PostgreSQL, and AWS. We use automated testing, infrastructure as code, and continuous deployment to maintain velocity without sacrificing security.
Available for qualified candidates
