Apply

Ready to go for it?

AI Apply speeds things up—apply directly if you prefer.

FREE ACCESS
5,000–10,000 jobs/day
JobTailor Logo

See all jobs on JobTailor

Search thousands of fresh jobs every day.

Discover
  • Fresh listings
  • Fast filters
  • No subscription required
Create a free account and start exploring right away.
Zocdoc

Senior Staff Software Engineer, Vulnerability Management

Zocdoc

Senior Staff Engineer focusing on vulnerability management at Zocdoc. Collaborating across teams to enhance security and automate remediation processes.

Posted 7/14/2026full-timeRemote • 🇺🇸 United StatesSenior💰 $200,000 - $290,000 per yearWebsite

Core Competencies

Role fit
Core Competencies

Use this summary to align your resume positioning with the role.

Demonstrates expertise in security engineering and vulnerability management, with a strong focus on cloud infrastructure and container security. Proficient in automation scripting and integrating AI tools to enhance security workflows and compliance.

Highest-signal resume keywords
Security EngineeringVulnerability ManagementCloud Infrastructure SecurityAutomation ScriptingGenerative AI Integration

ATS Keywords

Tailor your resume
Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills
PythonGoRustAutomation ScriptsSecurity ToolingCI/CD IntegrationVulnerability ScanningRed TeamingPurple TeamingContainer Security
Tools & Technologies
AWSGCPAzureDockerKubernetesGenAI ToolsSASTDASTSCACI/CD Pipelines
Certifications & Qualifications
OSCEOSCPGXPNCISSP
Industry Keywords
Vulnerability Scoring SystemsCVSSEPSSOWASP Top 10Offensive Security

Tech Stack

Tools & technologies
AWSAzureCloudDockerGoGoogle Cloud PlatformKubernetesPythonRust

About the role

Key responsibilities & impact
  • Owning the technical roadmap for an automated, AI-driven vulnerability scanning platform across cloud infrastructure, container registries, operating systems, and application-layer software.
  • Building context-engine models that correlate findings from SAST, DAST, SCA, and cloud posture tooling to determine true runtime exploitability.
  • Implementing AI-assisted triage workflows that classify vulnerabilities, reduce false positives, and route validated issues to the right engineering teams.
  • Leading targeted red teaming and collaborative purple teaming exercises to validate exploitable paths and strengthen runtime defenses.
  • Partnering directly with Software Engineering and DevOps to build automated remediation pipelines, including dependency update pull requests and base-image patching workflows.
  • Engineering security scanning guardrails into CI/CD pipelines and providing structured telemetry to support continuous compliance and executive risk visibility.
  • Working with cutting-edge GenAI tools and technology to analyze findings, improve prioritization, and accelerate remediation workflows.

Requirements

What you’ll need
  • Meaningful experience in security engineering, vulnerability management, or software development, with at least 8 years focused on infrastructure, container platforms, and product security.
  • A proven track record of writing production-grade automation scripts and building custom security tooling at scale.
  • Hands-on experience planning or executing offensive security exercises, red teaming, purple teaming, or penetration testing.
  • Deep experience securing cloud infrastructure and containerized ecosystems using platforms such as AWS, GCP, or Azure, along with Docker and Kubernetes.
  • Advanced proficiency in Python, Go, or Rust to build automation, integrate scanner APIs, and orchestrate automated patching workflows.
  • Strong familiarity with adversarial frameworks, vulnerability scoring systems such as CVSS and EPSS, and common application and infrastructure attack vectors including the OWASP Top 10.
  • Experience integrating security scanners into CI/CD workflows and using AI or LLM APIs to analyze code or log data for rapid prioritization.
  • Required: the ability to integrate generative AI tools into daily workflows to automate tasks, foster innovation, and maximize productivity.
  • Advanced security certifications such as OSCE, OSCP, GXPN, CISSP, or equivalent practical engineering experience are highly valued.

Benefits

Comp & perks
  • Flexible work environment
  • Unlimited Vacation
  • 100% paid employee health benefit options (including medical, dental, and vision)
  • 401(k) with employer funded match
  • Corporate wellness programs with Headspace and Peloton
  • Sabbatical leave (for employees with 5+ years of service)
  • Competitive paid parental leave and fertility/family planning reimbursement
  • Cell phone reimbursement
  • Employee Resource Groups and ZocClubs to promote shared community and belonging
  • Great Place to Work Certified