Secure SDLC Integration: Collaborate with engineering teams to integrate security checkpoints into the Software Development Life Cycle (SDLC) without slowing down the pace of innovation.
Pipeline & Build Security: Harden CI/CD pipelines (e.g., Jenkins, GitHub Actions) to prevent unauthorized code injection and ensure the integrity of build artifacts.
Software Supply Chain Defense: Monitor and secure the software supply chain by verifying third-party dependencies, managing Software Bill of Materials (SBOMs), and implementing provenance checks.
Cloud Infrastructure Security: Assist in securing cloud-native environments (AWS/GCP/Azure), focusing on resource configuration and secure deployment patterns.
AI Security & Governance: Evaluate and secure the use of AI coding assistants and LLM-integrated development tools, ensuring they adhere to secure coding standards and do not introduce risks of data leakage.
Automation & Tooling: Write scripts and basic applications to automate repetitive security tasks and integrate security tooling directly into developer workflows.

Requirements

Strong background in Computer Science or a related engineering discipline
Must be located in North America
Academic, professional or internship experience working in a professional engineering or cybersecurity environment
Fluency in software coding and code reviews

Benefits

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

Secure SDLCCI/CD pipelinesJenkinsGitHub ActionsSoftware Bill of Materials (SBOM)cloud-native securityAWSGCPAzureautomation scripting

Soft Skills

collaborationcommunicationproblem-solvingattention to detailcritical thinking