Own and deliver application security work within defined projects or domains. Contribute to cross-functional security initiatives, executing clearly scoped pieces of larger efforts.
Identify, prioritize, and help remediate application security risks in partnership with engineering teams.
Apply secure-by-default patterns and approved architectures when designing or reviewing systems.
Support cloud infrastructure security by integrating security controls into CI/CD pipelines, IAM, networking, and runtime environments.
Partner with product and engineering teams to assess risk and recommend practical, risk-informed security improvements. Participate in application security design reviews and threat modeling for new and existing systems.
Write code, reviews, and documentation to address vulnerabilities and reduce recurring classes of issues.
Participate in security incident response and contribute to post-incident analysis and remediation.

Requirements

4+ years of experience in software engineering, application security, or cloud infrastructure security.
Practical experience with application security techniques such as threat modeling, secure design patterns, authentication and authorization, secrets management, and vulnerability remediation. Strong understanding of secure coding practices and common application security risks (e.g., OWASP Top 10).
Experience securing cloud-native systems in AWS and/or GCP.
Ability to assess security risks and break down complex problems, reason about tradeoffs, make sound recommendations, and deliver practical, impactful solutions with guidance when needed.
Strong sense of ownership over assigned work, with the ability to execute independently and follow through.
Clear written and verbal communication skills, including the ability to explain security issues to engineers with varying levels of security expertise.
A growth mindset and interest in learning from more senior engineers and expanding depth in both application and cloud infrastructure security over time.

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

application securitycloud infrastructure securitythreat modelingsecure design patternsauthenticationauthorizationsecrets managementvulnerability remediationsecure coding practicesOWASP Top 10

Soft Skills

problem-solvingrisk assessmentdecision-makingownershipindependencecommunicationcollaborationgrowth mindsetadaptabilitylearning