FREE ACCESS
5,000–10,000 jobs/day
See all jobs on JobTailor
Search thousands of fresh jobs every day.
Discover
- Fresh listings
- Fast filters
- No subscription required
Create a free account and start exploring right away.
Senior Security Engineer
Epidemic SoundJoin Epidemic Sound as a Security Engineer, managing vulnerability across products and systems. Collaborate with teams to build security automations and harden the environment.
Tech Stack
Tools & technologiesCloudDockerGoGoogle Cloud PlatformKubernetesPythonTerraform
About the role
Key responsibilities & impact- Own the vulnerability management programme across our products, cloud, and corporate estate: discovery, prioritisation, remediation tracking, and reporting.
- Consolidate findings across our detection stack into a single risk picture.
- Partner with software engineers to grow the Secure Software Development Lifecycle, including code reviews, threat models, and pre-ship security input.
- Harden the GCP estate, Kubernetes platform, and CI/CD systems our engineers depend on.
- Run vendor security reviews and respond to enterprise customer security questionnaires.
- Operate and tune the Elastic SIEM and broader detection stack, building new detections as the threat picture evolves.
- Respond to security incidents including on-call, and run training exercises to keep the team ready.
- Build and run security agents and automations that other engineers and the wider business rely on, treating them as production-grade software.
- Evaluate AI models and frameworks against security standards.
Requirements
What you’ll need- Around five years in security engineering, with depth in at least one of application security, infrastructure security, enterprise security, or vulnerability management, and solid breadth across the others.
- Hands-on experience running or contributing to a vulnerability management programme, including prioritisation, SLA setting, remediation tracking, and reporting.
- Working knowledge of SCA/SAST tooling, Internal Developer Portals, and SIEM; we use Snyk, Port, and Elastic.
- Working knowledge of the security features of the major public cloud providers, with GCP preferred.
- Comfort with Kubernetes, Docker, or other container architectures.
- Confident with at least one programming or scripting language such as Python, Go, or Bash.
- Solid experience with Git, GitHub Actions, and Terraform.
- Active, daily use of AI and agentic tools, with concrete examples of agents you have built and outputs you have shipped.
- Experience with vendor security questionnaires.
- Familiarity with common security frameworks such as PCI DSS and NIST.
- Penetration testing background or OWASP Top 10 fluency would be a plus.
- Experience with CI/CD security hardening at scale would be a plus.
Benefits
Comp & perks- Equal opportunity employer
- Bringing people together from different backgrounds, experiences and perspectives makes for a healthy workplace, a more successful business and a better world. We value diversity and encourage everyone to come and soundtrack the world with us.
ATS Keywords
✓ Tailor your resumeApplicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard Skills & Tools
vulnerability managementapplication securityinfrastructure securityenterprise securitySCA toolingSAST toolingprogramming languagepenetration testingCI/CD security hardeningsecurity frameworks
Soft Skills
collaborationcommunicationproblem-solvingtrainingincident responseprioritizationreportingrisk assessmentautomationleadership