Movable Ink

Product Security Engineer

full-time

Location Type: Remote

Location: New York, United States

Salary

💰 $170,000 - $200,000 per year

About the role

  • Implement and maintain static application security testing (SAST) using Semgrep across our repositories
  • Configure and improve software composition analysis (SCA) tooling (Dependabot) to identify vulnerable dependencies
  • Manage secrets detection scanning (Trufflehog) and respond to findings
  • Integrate security scanning into CI/CD pipelines (GitHub Actions) to catch issues before code is merged
  • Triage and prioritize vulnerability findings, working with engineering teams to drive remediation
  • Support dynamic application security testing (DAST) efforts using tools like ZAP
  • Contribute to our Application Security Posture Management (ASPM) platform to centralize findings and track remediation
  • Set up and configure automation scripts to support our vulnerability management practices
  • Document secure coding guidelines and help educate developers on security best practices
  • Evaluate and recommend new security tools as the landscape evolves

Requirements

  • 2+ years of experience in application security, DevSecOps, or a security-focused software engineering role
  • Hands-on experience with SAST, SCA, or secrets scanning tools (Semgrep, Dependabot, Snyk, or similar)
  • Familiarity with CI/CD pipelines and GitHub Actions
  • Understanding of common web application vulnerabilities (OWASP Top 10) and how to detect/prevent them
  • Experience reading and reviewing code in at least one language (Ruby, Python, JavaScript, or Go preferred)
  • Comfortable navigating codebases and working with engineering teams to explain and prioritize security findings
  • Strong written communication skills for documentation and customer-facing security responses
  • Self-motivated and able to manage competing priorities in a fast-paced environment

Benefits

  • Medical benefits
  • Financial benefits