Role summary
Embed security into every stage of the SDLC. You will assess vulnerabilities, review code, automate security tests, and coach the engineering team on rapid, effective fixes.

Key responsibilities

• Run regular vulnerability assessments and secure-code reviews
• Configure and maintain SAST, DAST, SCA, and other security tools
• Automate security testing and reporting pipelines
• Analyse scan results, prioritise risks, and guide developers on remediation
• Evaluate and integrate cost-effective security solutions
• Keep security policies, procedures, and runbooks up to date

Requirements

• 2 + years in software development with hands-on security work
• B.S. in Computer Science (or similar)
• Practical experience with Git-based workflows and full-stack development (Java, Python, etc.)
• Proven use of static/dynamic analysis tools and web-app vulnerability management
• Solid knowledge of AWS services and related security tooling
• Understanding of common attack vectors (XSS, injections, session hijacking, social engineering)
• Familiarity with RBAC/SSO, OS and database hardening
• Strong problem-solving skills and composure in a fast-paced environment
• Nice to have: CSSLP, AWS Security Specialty, CEH, ISO 27001 or similar certifications