StaffSecurityOperationsEngineer

## Accountabilities Partner with engineering teams to perform threat modeling, architecture reviews, and security assessments for new features and systems. Design, build, and evolve application security programs, including SAST/DAST, dependency scanning, and secure coding practices. Embed security controls and requirements into CI/CD pipelines and the broader software development lifecycle. Identify, prioritize, and remediate vulnerabilities with a focus on reducing systemic risk across products and APIs. Strengthen detection and response capabilities through improved monitoring, logging, alerting, and incident response workflows. Automate security operations processes to improve efficiency, reduce noise, and accelerate threat detection and remediation. Support compliance initiatives such as SOC 2 and other security frameworks while maintaining scalable engineering practices. Act as a security advisor to product and engineering teams, especially around authentication, authorization, and data protection. Requirements: 6+ years of experience in security engineering, spanning both application security and security operations. Strong expertise in application security fundamentals including OWASP, threat modeling, secure SDLC, and API security. Hands-on experience with cloud security in environments such as AWS or GCP and modern cloud-native architectures. Experience building or integrating security tooling, automation, or detection systems (e.g., SIEM, SOAR, or custom scripts). Proven ability to collaborate closely with engineers to improve security posture without slowing delivery velocity. Strong background in incident response coordination and operational security in production environments. Familiarity with security frameworks such as SOC 2, ISO 27001, or equivalent compliance standards. Excellent communication skills with the ability to translate complex security risks into clear, actionable guidance. Benefits: Competitive compensation with equity participation in