Senior SecOps Engineer

Join a team building security solutions that help organizations monitor, assess, and improve the security posture of open-source software. The work focuses on a platform for unified visibility into open-source vulnerabilities and a solution that provides security ratings for open-source libraries, enabling better risk-based decisions across development teams.

Responsibilities

• Contribute to the development and enhancement of solutions for open-source vulnerability monitoring and security rating
• Support and improve CI/CD pipelines and GitHub Actions–based workflows
• Apply DevSecOps and secure engineering practices throughout the software lifecycle
• Work closely with cross-functional teams to deliver scalable, reliable and secure solutions
• Contribute as a team player through collaboration, knowledge exchange and support of overall product quality

Requirements

• Experience with DevSecOps orchestration, secure software development practices and security-as-code approaches
• Familiarity with software composition analysis tools and open-source license compliance processes
• Knowledge of vulnerability assessment methods, including CVSS scoring, exploit analysis and remediation techniques
• Practical background in CI/CD pipeline security, particularly with GitHub Actions, and integration of security controls into automated workflows
• Understanding of open-source security principles, vulnerability management and relevant security standards and guidelines