Build the Secure Paved Road (Pipeline and Code): Deeply integrate GitHub Advanced Security into the CI/CD pipeline to act as automated checkpoints, providing fast feedback to engineers without manual intervention.
Collaborate with Engineering to develop and maintain secure microservice templates and libraries with embedded security controls.
Lead hardcoded secrets mitigation efforts by automating detection and building workflows to validate compromised credentials via API.
Drive cross functional initiatives to establish and continuously improve secure software development lifecycle practices across the organization.
Lead onboarding and operation of continuous penetration testing capabilities across web applications and services.
Participate in and help scale internal security assessments, penetration testing, and bug bounty programs.
Act as the AppSec technical expert for the Security Champions Program, guiding engineers on vulnerability remediation and secure coding practices.
Maintain strong knowledge of current security threats, vulnerabilities, and operational best practices, applying that knowledge to continuously improve the organization’s security posture.

Requirements

5+ years of experience in Product/Application Security, with a strong background in software engineering.
Proficiency in C#/.NET (preferred) or Go/Java.
Modern AppSec: Experience moving security "left" using tools like GitHub Advanced Security (GHAS), dependency scanners, and secret detectors.
Proven ability to script (Python, Go, PowerShell) and automate security tasks.
Interest in the intersection of AI and Security, specifically in securing AI workloads, leveraging AI capabilities to embed security throughout the SDLC, and using AI agents for defense.

Benefits

Flextime, recognition, and support for autonomous work: Flexible time off with ample learning and development opportunities
Comprehensive onboarding program, leadership training for Titans at all levels, and other programs and events.
Great work is rewarded through Bonusly, peer-nominated awards, and more.
Holistic health and wellness benefits: Company-paid medical, dental, and vision (with 100% employer paid options and 90% coverage for dependents), FSA and HSA, 401k match, and telehealth options including memberships to One Medical.
Support for Titans at all stages of life: Parental leave and support, up to $20k in fertility services (i.e. IUI and IVF), surrogacy, and adoption reimbursement, on demand maternity support through Maven Maternity, free breast milk shipping through Maven Milk, pet insurance, legal advisory services, financial planning tools, and more.

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

C#.NETGoJavaPythonPowerShellGitHub Advanced Securitydependency scannerssecret detectorssecure coding practices

Soft Skills

collaborationleadershipcommunicationproblem-solvingcross-functional teamwork