Senior SecOps Engineer

Join a team building security solutions that help organizations monitor, assess, and improve the security posture of open-source software. The work focuses on a platform for unified visibility into open-source vulnerabilities and a solution that provides security ratings for open-source libraries, enabling better risk-based decisions across development teams.
Responsibilities
Contribute to the development and enhancement of solutions for open-source vulnerability monitoring and security rating
Support and improve CI/CD pipelines and GitHub Actions–based workflows
Apply DevSecOps and secure engineering practices throughout the software lifecycle
Work closely with cross-functional teams to deliver scalable, reliable and secure solutions
Contribute as a team player through collaboration, knowledge exchange and support of overall product quality
Requirements
Experience with DevSecOps orchestration, secure software development practices and security-as-code approaches
Familiarity with software composition analysis tools and open-source license compliance processes
Knowledge of vulnerability assessment methods, including CVSS scoring, exploit analysis and remediation techniques
Practical background in CI/CD pipeline security, particularly with GitHub Actions, and integration of security controls into automated workflows
Understanding of open-source security principles, vulnerability management and relevant security standards and guidelines