You will be part of a team that is passionate about securing Unqork's Commercial and FedRAMP technology stack.
You will champion cloud and application security best practices and drive their adoption across Unqork's engineering organizations.
You will automate processes using policy as code.
You'll leverage your deep technical expertise to oversee the identification and remediation of security vulnerabilities and misconfigurations.
In this role, you will lead the review process for all features, security patches, and bug fix requests, ensuring security is a foundational element of our development lifecycle.
You will empower team members to deliver high-quality, secure solutions and align with our core security and engineering practices.
Mature our Secure Software Development Lifecycle (SSDLC) by integrating security controls, automation and tooling into our CI/CD pipelines and governing the security release process.
Drive the SSDLC throughout Unqork, embedding security from design to deployment.
Requirements
10+ years of progressive experience in information security.
Deep understanding of modern web application architectures (e.g., microservices, event-driven), cloud technologies (AWS, Azure, GCP), and secure coding principles.
Extensive experience with application security testing methodologies (SAST, DAST, SCA, penetration testing), vulnerability management, and common web application vulnerabilities (OWASP Top 10).
Demonstrated ability to define and execute security strategies, develop roadmaps, and translate complex technical concepts into actionable plans for various stakeholders.
Exceptional communication, presentation, and interpersonal skills, with the ability to influence and collaborate effectively across all levels of the organization.
Experience establishing and integrating security tooling into the product development lifecycle, including CI/CD pipelines, and driving automation efforts. This includes hands-on experience with tools like Semgrep, Dependabot, Qualys, and Lacework.
Relevant Certifications (Preferred): CISSP, CSSLP, CCSP, or other industry-recognized security certifications.
Benefits
💻 Work from home with a remote-first community
🏝 Unlimited PTO (and the encouragement to use it)
📝 Student loan payback program
🏥 100% employer-covered medical, dental, and vision options available to you and your dependents
💸 Flexible Spending Account (FSA)
🏠 Monthly stipend toward your WFH setup, vacation, development and more
💰 Employer-sponsored 401(k) with contribution match
🏋🏻‍♀️ Subsidized ClassPass Membership
🍼 Generous Paid Parental Leave
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard skills
information security, cloud technologies, secure coding principles, application security testing methodologies, vulnerability management, web application vulnerabilities, Secure Software Development Lifecycle, automation, CI/CD pipelines, policy as code