Owning the technical roadmap for an automated, AI-driven vulnerability scanning platform across cloud infrastructure, container registries, operating systems, and application-layer software.
Building context-engine models that correlate findings from SAST, DAST, SCA, and cloud posture tooling to determine true runtime exploitability.
Implementing AI-assisted triage workflows that classify vulnerabilities, reduce false positives, and route validated issues to the right engineering teams.
Leading targeted red teaming and collaborative purple teaming exercises to validate exploitable paths and strengthen runtime defenses.
Partnering directly with Software Engineering and DevOps to build automated remediation pipelines, including dependency update pull requests and base-image patching workflows.
Engineering security scanning guardrails into CI/CD pipelines and providing structured telemetry to support continuous compliance and executive risk visibility.
Working with cutting-edge GenAI tools and technology to analyze findings, improve prioritization, and accelerate remediation workflows.
Requirements
Meaningful experience in security engineering, vulnerability management, or software development, with at least 8 years focused on infrastructure, container platforms, and product security.
A proven track record of writing production-grade automation scripts and building custom security tooling at scale.
Hands-on experience planning or executing offensive security exercises, red teaming, purple teaming, or penetration testing.
Deep experience securing cloud infrastructure and containerized ecosystems using platforms such as AWS, GCP, or Azure, along with Docker and Kubernetes.
Advanced proficiency in Python, Go, or Rust to build automation, integrate scanner APIs, and orchestrate automated patching workflows.
Strong familiarity with adversarial frameworks, vulnerability scoring systems such as CVSS and EPSS, and common application and infrastructure attack vectors including the OWASP Top 10.
Experience integrating security scanners into CI/CD workflows and using AI or LLM APIs to analyze code or log data for rapid prioritization.
Required: the ability to integrate generative AI tools into daily workflows to automate tasks, foster innovation, and maximize productivity.
Advanced security certifications such as OSCE, OSCP, GXPN, CISSP, or equivalent practical engineering experience are highly valued.
Tech Stack
AWS
Azure
Cloud
Docker
Google Cloud Platform
Kubernetes
Python
Rust
Go
Benefits
Flexible work environment
Unlimited Vacation
100% paid employee health benefit options (including medical, dental, and vision)
401(k) with employer funded match
Corporate wellness programs with Headspace and Peloton
Sabbatical leave (for employees with 5+ years of service)
Competitive paid parental leave and fertility/family planning reimbursement
Cell phone reimbursement
Employee Resource Groups and ZocClubs to promote shared community and belonging