Lead Engineer – Application Security Platform (Checkmarx | SRE & Automation)

About The Position

Requirements

• 5+ years of Systems Engineering, Technology Architecture experience, or equivalent demonstrated through one or a combination of the following: work experience, training, military experience, education
• 5+ years of experience in Platform Engineering, SRE, DevOps, or Systems Engineering roles
• Hands‑on experience with Checkmarx (SAST) or similar AppSec scanning tools (e.g., Fortify, Veracode, SonarQube)
• Strong experience with Windows-based systems , networking, storage, and performance tuning
• Solid understanding of CI/CD pipelines and DevSecOps practices
• Proven experience applying SRE principles (SLIs, SLOs, error budgets, toil reduction)
• Strong automation skills using Python, Bash, PowerShell, or similar scripting languages
• Experience with Infrastructure as Code (Terraform, Ansible, CloudFormation, ARM, etc.)
• Expertise in monitoring, logging, and alerting platforms (Splunk, Prometheus, Grafana, AppDynamics, Elastic, etc.)
• Deep troubleshooting skills across application, OS, database, and infrastructure layers

Nice To Haves

• Experience running security scanning platforms at enterprise scale (thousands of projects, high scan concurrency)
• Experience with container platforms (Kubernetes, OpenShift) and cloud environments (Azure, AWS, GCP)
• Knowledge of application security concepts (SAST, SDLC security, vulnerability management workflows)
• Experience with database platforms (MS SQL, PostgreSQL) and large‑scale data growth management
• Prior experience leading platform modernization or large tool upgrades

Responsibilities

• Platform Ownership & Reliability (SRE) Own end‑to‑end reliability, availability, and performance of the Checkmarx SAST platform across non‑prod, prod, and BCP environments
• Define and manage SLIs, SLOs, error budgets , and operational KPIs for scanning throughput, queue latency, and platform health
• Lead incident response , root cause analysis (RCA), and permanent remediation for platform outages or scan failures
• Proactively identify capacity, scaling, and performance bottlenecks (engines, managers, DB, storage, network)
• Automation & Engineering Excellence Design and implement automation for provisioning, configuration, scaling, upgrades, and maintenance of Checkmarx components
• Build Infrastructure as Code (IaC) using tools such as Terraform, Ansible, or equivalent
• Automate routine operational tasks (engine lifecycle, scan queue tuning, data retention, index maintenance, backups)
• Reduce toil by converting manual operational work into resilient, self‑healing automation
• DevSecOps & CI/CD Integration Own and enhance Checkmarx integrations with CI/CD platforms (GitHub, Jenkins, Azure DevOps, Harness, etc.)
• Ensure seamless developer experience with pipeline‑based security scanning and fast feedback loops
• Partner with Application Security teams to improve scan performance, false‑positive reduction, and adoption
• Observability & Monitoring Implement and maintain full‑stack observability (metrics, logs, alerts, dashboards) using tools such as Splunk, Prometheus, Grafana, AppDynamics, etc.
• Build actionable alerts to detect scan backlog growth, engine saturation, DB/storage issues, and platform degradation
• Drive proactive monitoring rather than reactive firefighting
• Modernization & Continuous Improvement Lead platform upgrades , hotfixes, and vendor‑recommended lifecycle management
• Drive containerization and cloud‑readiness initiatives for Checkmarx components where applicable
• Improve resiliency through active‑active / DR strategies , backup validation, and BCP testing
• Evaluate new Checkmarx features, plugins, and security scanning enhancements
• Technical Leadership Serve as SME and technical escalation point for Checkmarx across the enterprise
• Mentor engineers and promote SRE best practices, automation standards, and operational excellence
• Produce clear architecture, runbooks, and operational documentation
• Influence roadmap decisions with data‑driven insights and engineering rigor

Benefits

• Health benefits
• 401(k) Plan
• Paid time off
• Disability benefits
• Life insurance, critical illness insurance, and accident insurance
• Parental leave
• Critical caregiving leave
• Discounts and savings
• Commuter benefits
• Tuition reimbursement
• Scholarships for dependent children
• Adoption reimbursement