Senior Security Engineer

Integrate with data and software engineering teams to assess the security of new applications, features, partner integrations, data flows, and internal product configuration/administration tools. Develop solutions to enable and enhance the security of our services and infrastructure on Azure and AWS, such as mechanisms to identify and prevent security incidents and accelerate the team’s response to security issues. Assess, validate as necessary, coordinate, and confirm remediation of vulnerabilities identified through third-party penetration testing and internal vulnerability scans in conjunction with engineering teams (e.g., DevOps/SRE, Software Engineering). Play a key role in selecting, designing, configuring, and using additional vulnerability scanning technologies (e.g., container scanning, SCA/SBOM, SAST, DAST, IAST, RASP). Serve as a technical leader on incident response for web applications and infrastructure. Recommend, drive, and implement improvements to our Security Program, including how the program is integrated within the SDLC. Will author and, when appropriate, delegate formal technical risk assessments to team members, documenting security findings and outlining required mitigating controls.