Lead Application & Cloud Security Engineer

Unqork
78d
$128,200 - $178,000

About The Position

Unqork empowers enterprises to accelerate growth by rapidly building, testing, and running applications that are designed to be AI-native. Trusted by the world’s largest organizations in highly regulated industries, these applications become more secure over time while significantly reducing technical debt—allowing businesses to focus on innovation rather than maintenance. Unqork’s customers include Goldman Sachs, Marsh, BlackRock, and the U.S. Department of Health and Human Services. At Unqork, we value inclusive and innovative thinkers who boldly challenge the status quo. We encourage you to apply!

Requirements

  • 10+ years of progressive experience in information security.
  • Deep understanding of modern web application architectures (e.g., microservices, event-driven), cloud technologies (AWS, Azure, GCP), and secure coding principles.
  • Extensive experience with application security testing methodologies (SAST, DAST, SCA, penetration testing), vulnerability management, and common web application vulnerabilities (OWASP Top 10).
  • Demonstrated ability to define and execute security strategies, develop roadmaps, and translate complex technical concepts into actionable plans for various stakeholders.
  • Exceptional communication, presentation, and interpersonal skills, with the ability to influence and collaborate effectively across all levels of the organization.
  • Experience establishing and integrating security tooling into the product development lifecycle, including CI/CD pipelines, and driving automation efforts.
  • Hands-on experience with tools like Semgrep, Dependabot, Qualys, and Lacework.

Nice To Haves

  • Relevant Certifications (Preferred): CISSP, CSSLP, CCSP, or other industry-recognized security certifications.

Responsibilities

  • Champion cloud and application security best practices and drive their adoption across Unqork's engineering organizations.
  • Automate processes using policy as code.
  • Oversee the identification and remediation of security vulnerabilities and misconfigurations.
  • Lead the review process for all features, security patches, and bug fix requests, ensuring security is a foundational element of our development lifecycle.
  • Execute on the strategic roadmap for Unqork's product security program (cloud and application security), aligning with business goals and risk tolerance.
  • Mature our Secure Software Development Lifecycle (SSDLC) by integrating security controls, automation and tooling into our CI/CD pipelines and governing the security release process.
  • Drive the SSDLC throughout Unqork, embedding security from design to deployment.
  • Conduct threat modeling and architectural security reviews for all applications.
  • Manage and mature our SAST, DAST, and SCA tooling, and spearhead vulnerability remediation efforts.
  • Act as a subject matter expert, guiding development teams on secure coding practices and fostering a strong security culture across the organization.
  • Ensure adherence to regulatory requirements and industry best practices by defining and enforcing secure architectures and security policies and standards within our Cloud Service Providers.
  • Manage our monthly FedRAMP continuous monitoring and maintain cloud security policies in Cloud Security Posture Management systems.
  • Review security notifications from AWS, GCP, and Azure, ensuring our security controls and configurations are consistently and effectively enforced.
  • Partner with leadership in Security, Product, Engineering, and Legal to embed security ownership, drive architectural decisions, and manage risk.
  • Create secure design requirements and conduct security testing for new platform features and infrastructure changes.
  • Lead the product security aspects of incident response, guiding root cause analysis, driving remediation efforts, and implementing preventative measures.
  • Collaborate with SecOps to enhance logging, monitoring, and detection for cloud and app-layer threats.
  • Coordinate offensive security engagements and red/purple-team exercises leveraging offensive tooling and threat modeling to find weaknesses proactively.
  • Define, implement, and enforce product security policies, standards, and guidelines, ensuring adherence to regulatory requirements and industry best practices.

Benefits

  • Work from home with a remote-first community
  • Unlimited PTO (and the encouragement to use it)
  • Student loan payback program
  • 100% employer-covered medical, dental, and vision options available to you and your dependents
  • Flexible Spending Account (FSA)
  • Monthly stipend toward your WFH setup, vacation, development and more
  • Employer-sponsored 401(k) with contribution match
  • Subsidized ClassPass Membership
  • Generous Paid Parental Leave