We are seeking a highly experienced Sr. Security Engineer.
Responsibilities:
• Embed security-by-default controls into SDKs, templates, Helm charts, and developer workflows.
• Define cryptography and encryption integration patterns (TLS standards, key management, secrets usage) consumable by teams.
• Integrate automated security checks into CI/CD (SAST, SCA, secrets scanning, container scanning, policy checks).
• Create developer-friendly security guardrails: secure coding patterns, remediation playbooks, and threat-model enablement.
• Ensure GitOps/IaC/Helm patterns align with enterprise security controls (least privilege, provenance, hardened configs).
• Collaborate with platform and DevOps engineers to continuously improve security posture with minimal developer friction.
Requirements:
• DevSecOps Tooling: SAST, SCA, secrets scanning, container image scanning, policy/guardrail checks in CI/CD
• Cryptography & Security Engineering: TLS, PKI basics, encryption at rest/in transit patterns, KMS/HSM concepts
• Secure SDLC: shift-left practices, secure defaults in templates/SDKs, automated security gating approaches
• Cloud & Kubernetes Security: IAM least privilege, network/security policies, secure Helm/IaC practices
• Vulnerability & Remediation: findings triage, remediation guidance, secure configuration baselines
• Developer Enablement: security patterns as reusable components, documentation and adoption support
• Certifications: OSWE, PWPP, eWPT, CSSLP / relevant GIAC certifications (nice to have)