Security Engineer - DevSecOps
To see similar active jobs please follow this link: Remote Development jobs
The Role
We are seeking a talented and proactive Security Engineer to join our team. The ideal candidate will be passionate about cybersecurity and possess a strong technical background in application and cloud network technologies. In this role, you will collaborate closely with our application production engineering teams and the Infosec team to integrate security best practices into all aspects of our software development lifecycle.
What You'll Do
Partner with rest of the InfoSec Team, IT and the Product-Engineering teams to implement the strategic security vision into our products
Design, implement, and maintain robust security architectures for our applications and cloud infrastructure to ensure our systems' confidentiality, integrity, and availability
Help implement Cloud Security Best Practices by configuring and managing security controls for cloud environments, including identity and access management (IAM), network security groups (NSGs), and encryption mechanisms
Keep detailed documentation of security configurations, policies, procedures, and incidents to help keep track of the status of security initiatives and compliance efforts
Implement security automation and orchestration workflows to streamline security operations and improve incident response times
Perform security-focused code reviews
Assist the InfoSec team in supporting the development and implementation of controls to achieve and maintain compliance with SOC 2 and other relevant industry standards
Support and consult with product engineering teams in the area of application security, including threat modeling and appsec reviews
Work closely with product engineering teams to embed security frameworks and security best practices throughout the software development lifecycle, including secure coding guidelines, static and dynamic code analysis, and dependency scanning
Participate in the entire software development lifecycle (SDLC), including threat modeling, secure code reviews, and security testing
Assist teams in reproducing, triaging, and addressing application security vulnerabilities
Take the lead in incident response efforts during security breaches or incidents, managing investigation, containment, eradication, and recovery activities while implementing preventative measures for the future
Who You Are
An expert in application and cloud security with a deep understanding of the latest threats, vulnerabilities, and best practices
A cybersecurity enthusiast with a substantial technical foundation and a drive to stay ahead of emerging threats
Proficiency in programming and automation using Go, JavaScript, Bash, and Terraform
A collaborative team player who can effectively communicate and work with cross-functional teams to integrate security into every phase of the software development lifecycle and convey technical concepts to non-technical stakeholders
A problem-solver with a keen eye for detail and a proactive approach to identifying and addressing security vulnerabilities
A continuous learner who thrives in a fast-paced environment and is eager to stay updated on emerging technologies and trends in cybersecurity
Strong understanding of web application security principles, including OWASP Top 10 vulnerabilities and secure coding practices
Familiarity with both AWS and GCP production environments
Experienced in applying security best practices to meet industry compliance standards (e.g., SOC 2, PCI-DSS, HIPAA)
(Bonus) Security certifications such as CISSP, CSSLP, CEH, or GCP Professional Cloud Security Engineer / AWS Certified Security Engineer
US Employee Benefits
Your benefits start on Day 1!
Health & Wellbeing
Inclusive health, dental, and vision plans built to support diverse lifestyles
Employer contribution to HSA plans
Generous paid parental leave
Enhanced support for reproductive health, family planning, and new parents
Robust mental health support and Employee Assistance Program (EAP) with confidential counseling services
Comprehensive well-being benefits including reimbursement program
Flexible PTO policy and company breaks - At Bitly, we believe rest and relaxation are essential for rejuvenating the creative spirit that sets us apart
Inclusion & Belonging
Impactful connections and community building through our Employee Resource Groups
Global DEI programming
Company-sponsored events to connect Bitizens together
Financial
401k with up to 4% employer match, access to financial professionals to offer our employees the opportunity to plan for a strong financial future well beyond their working years
Company Stock Options
Life, Short-term Disability and Long-term Disability options
Flexible workspace support provided, including home office, cell phone and WiFi service reimbursement
Coworking reimbursement for eligible employees
Voluntary Benefits: Pet Insurance, LegalShield, IDShield, Hospitalization, and Accident coverages
Reimbursement for professional development
Eligibility & Closing
US applicants must be currently authorized to work in the United States on a full-time basis.
*** Must live in or be willing to relocate to one of the following states to be eligible for hire: Arizona, California, Colorado, Connecticut, Florida, Georgia, Illinois, Louisiana, Massachusetts, Michigan, Minnesota, New York, New Jersey, North Carolina, Pennsylvania, Texas, Vermont, Virginia, Washington ***
If you are based in California, we encourage you to read this important information for California residents linked here. (https://bitly.is/CPRACandidates)
#LI-AH1 #LI-Remote
About the job
Security Engineer - DevSecOps
To see similar active jobs please follow this link: Remote Development jobs
The Role
We are seeking a talented and proactive Security Engineer to join our team. The ideal candidate will be passionate about cybersecurity and possess a strong technical background in application and cloud network technologies. In this role, you will collaborate closely with our application production engineering teams and the Infosec team to integrate security best practices into all aspects of our software development lifecycle.
What You'll Do
Partner with rest of the InfoSec Team, IT and the Product-Engineering teams to implement the strategic security vision into our products
Design, implement, and maintain robust security architectures for our applications and cloud infrastructure to ensure our systems' confidentiality, integrity, and availability
Help implement Cloud Security Best Practices by configuring and managing security controls for cloud environments, including identity and access management (IAM), network security groups (NSGs), and encryption mechanisms
Keep detailed documentation of security configurations, policies, procedures, and incidents to help keep track of the status of security initiatives and compliance efforts
Implement security automation and orchestration workflows to streamline security operations and improve incident response times
Perform security-focused code reviews
Assist the InfoSec team in supporting the development and implementation of controls to achieve and maintain compliance with SOC 2 and other relevant industry standards
Support and consult with product engineering teams in the area of application security, including threat modeling and appsec reviews
Work closely with product engineering teams to embed security frameworks and security best practices throughout the software development lifecycle, including secure coding guidelines, static and dynamic code analysis, and dependency scanning
Participate in the entire software development lifecycle (SDLC), including threat modeling, secure code reviews, and security testing
Assist teams in reproducing, triaging, and addressing application security vulnerabilities
Take the lead in incident response efforts during security breaches or incidents, managing investigation, containment, eradication, and recovery activities while implementing preventative measures for the future
Who You Are
An expert in application and cloud security with a deep understanding of the latest threats, vulnerabilities, and best practices
A cybersecurity enthusiast with a substantial technical foundation and a drive to stay ahead of emerging threats
Proficiency in programming and automation using Go, JavaScript, Bash, and Terraform
A collaborative team player who can effectively communicate and work with cross-functional teams to integrate security into every phase of the software development lifecycle and convey technical concepts to non-technical stakeholders
A problem-solver with a keen eye for detail and a proactive approach to identifying and addressing security vulnerabilities
A continuous learner who thrives in a fast-paced environment and is eager to stay updated on emerging technologies and trends in cybersecurity
Strong understanding of web application security principles, including OWASP Top 10 vulnerabilities and secure coding practices
Familiarity with both AWS and GCP production environments
Experienced in applying security best practices to meet industry compliance standards (e.g., SOC 2, PCI-DSS, HIPAA)
(Bonus) Security certifications such as CISSP, CSSLP, CEH, or GCP Professional Cloud Security Engineer / AWS Certified Security Engineer
US Employee Benefits
Your benefits start on Day 1!
Health & Wellbeing
Inclusive health, dental, and vision plans built to support diverse lifestyles
Employer contribution to HSA plans
Generous paid parental leave
Enhanced support for reproductive health, family planning, and new parents
Robust mental health support and Employee Assistance Program (EAP) with confidential counseling services
Comprehensive well-being benefits including reimbursement program
Flexible PTO policy and company breaks - At Bitly, we believe rest and relaxation are essential for rejuvenating the creative spirit that sets us apart
Inclusion & Belonging
Impactful connections and community building through our Employee Resource Groups
Global DEI programming
Company-sponsored events to connect Bitizens together
Financial
401k with up to 4% employer match, access to financial professionals to offer our employees the opportunity to plan for a strong financial future well beyond their working years
Company Stock Options
Life, Short-term Disability and Long-term Disability options
Flexible workspace support provided, including home office, cell phone and WiFi service reimbursement
Coworking reimbursement for eligible employees
Voluntary Benefits: Pet Insurance, LegalShield, IDShield, Hospitalization, and Accident coverages
Reimbursement for professional development
Eligibility & Closing
US applicants must be currently authorized to work in the United States on a full-time basis.
*** Must live in or be willing to relocate to one of the following states to be eligible for hire: Arizona, California, Colorado, Connecticut, Florida, Georgia, Illinois, Louisiana, Massachusetts, Michigan, Minnesota, New York, New Jersey, North Carolina, Pennsylvania, Texas, Vermont, Virginia, Washington ***
If you are based in California, we encourage you to read this important information for California residents linked here. (https://bitly.is/CPRACandidates)
#LI-AH1 #LI-Remote