StaffSecurityOperationsEngineer

Are you a security engineer who thinks like an attacker but works like a builder. Someone who can find the flaw in an API design before it ships, write the tooling to catch the next one automatically, and partner with engineering teams to build more secure software end to end? Someone who can own the detection and response capabilities that keep infrastructure safe, and still show up sharp when an incident needs an expert hand? If so, we want to talk to you. As a Staff Security Engineer at Apollo, you'll bring deep expertise across both application security and security operations to help us protect the products we build and the infrastructure we run them on. This is a high-impact, high-ownership role where you'll shape how we approach secure development, lead detection and response, and be a trusted partner to engineering teams building Apollo's API platform. WHAT YOU’LL DO - Partner with engineering teams to conduct threat modeling and security reviews on new features and architecture changes - Establish and evolve Apollo's application security program including SAST/DAST tooling, dependency scanning, and secure coding standards - Drive security requirements into the SDLC, embedding security gates into CI/CD pipelines - Identify and remediate vulnerabilities in Apollo's products and APIs, with a focus on reducing systemic risk rather than one-off fixes - Act as a security advisor for product teams building customer-facing features, particularly those involving authentication, authorization, and data handling - Advance Apollo’s detection and response strategy in partnership with engineering and IT leadership - Implement and maintain adherence to SOC 2 and other cloud security frameworks - Handle escalations from Sales and Customer Success - Build and tune monitoring, logging, and alerting systems to improve visibility while reducing noise - Drive automation of SecOps workflows to speed up investigation and response - Guide secure adoption of AI across Apollo - from