We are looking for a Senior Security Operations Engineer to join and support a team building security solutions that help organizations monitor, assess, and improve the security posture of open-source software.
The team works on a platform that provides unified visibility into open-source vulnerabilities, as well as a solution that delivers security ratings for open-source libraries. These capabilities help development teams make better risk-based decisions and improve the overall security of the software delivery lifecycle.
The person in this role will work closely with the existing team, support ongoing development activities, contribute to CI/CD and DevSecOps improvements, and help ensure that the delivered solutions are scalable, reliable, and secure.
Responsibilities
- Support the team in the development and enhancement of solutions for open-source vulnerability monitoring and security rating
- Contribute to improving CI/CD pipelines and GitHub Actions–based workflows
- Apply DevSecOps and secure engineering practices across the software delivery lifecycle
- Collaborate with engineers, security specialists, product stakeholders, and other team members to deliver reliable and secure solutions
- Help analyze, prioritize, and address security-related topics connected to open-source components and dependencies
- Share knowledge, support team activities, and contribute to continuous improvement of product quality and engineering practices
Requirements
- Background in DevSecOps practices, Secure Software Development Life Cycle (SSDLC), and security-as-code approaches, with 3+ years of relevant experience
- Understanding of Software Composition Analysis, open-source vulnerability management, and OSS license compliance
- Knowledge of CVSS scoring, exploitability assessment, and vulnerability prioritization and remediation strategies
- Hands-on experience with GitHub Actions, CI/CD pipelines, and integration of security checks or quality gates into delivery workflows
- Familiarity with open-source security principles, vulnerability management practices, and relevant security guidelines
- Strong communication skills, ownership mindset, and ability to work effectively as part of a cross-functional team
- Proficiency in English at an Upper-Intermediate level (B2) or higher