The team is shifting away from traditional tool-based security approaches to a proactive, consultative engineering partnership. The focus is on coaching developers and influencing secure coding practices, ensuring security is integral to code quality. This role is geared towards software engineers with strong development backgrounds who have transitioned into security or acted as security champions.
What the right candidate will enjoy:
- Partnering with developers at the implementation level
- Coaching engineers on writing secure code and understanding vulnerabilities
- Translating security issues into business impact and practical remediation strategies
- Solid software engineering fundamentals and experience writing production-level code
- Mindset that security is part of code quality
- Experience with AWS, CI/CD pipelines, IaC, containers, etc.
- Code review skills and ability to discuss code structure and design decisions
- Influence sprint planning to help teams prioritize security work realistically
- Analyze results of code scans and guide vulnerability remediation with development teams.
- Drive behavior change across teams with a consultative mindset
- Limited involvement in bug bounty triage, focusing primarily on implementation-stage support
