- Company Name: Biorce
- Job Title: Senior Security Engineer
- Job Description:
Job Title: Senior Security Engineer
Role Summary: Lead the application security program for a healthtech product, conducting code reviews, managing security tooling, and integrating secure development practices into CI/CD pipelines.
Expectations: Deliver comprehensive security assessments, ensure continuous compliance with industry standards, and promote a culture of security awareness across engineering teams.
Key Responsibilities:
- Perform in‑depth security code reviews for backend and frontend repositories, identifying and remediating vulnerabilities.
- Implement, configure, and maintain AppSec tools (e.g., Aikido, Snyk, GitHub Advanced Security, SonarQube).
- Design and enforce automated security checks within CI/CD workflows.
- Operate and optimize GRC platforms (e.g., Vanta, Drata, Secureframe) to support compliance initiatives.
- Collaborate with engineering, DevOps, and product teams to enhance security posture while enabling rapid delivery.
- Monitor, investigate, and respond to security incidents, conducting root‑cause analysis.
- Drive internal security training and awareness programs.
Required Skills:
- 4+ years in application or product security, with hands‑on code review and threat modeling experience.
- Proficiency in AppSec tools (Aikido, Snyk, etc.) and GRC solutions (Vanta, Drata, Secureframe).
- Strong grasp of OWASP Top 10, secure SDLC, dependency management, RBAC/authorization.
- Experience with CI/CD, Docker, Kubernetes, and cloud platforms (AWS, GCP, Azure).
- Incident response, log analysis, and security monitoring capabilities.
- Proficient with Git, Confluence, Jira, and documentation.
- Excellent communication and cross‑functional collaboration skills.
Required Education & Certifications:
- Bachelor’s or Master’s degree in Computer Science, Cybersecurity, Information Security, or related field.
- Optional certifications: OSCP, OSWE, CISSP, CSSLP.
---