Senior Security Engineer - Vulnerability Management

Samsara

7d•Remote

About The Position

We’re seeking a talented Senior Security Engineer with hands-on experience deploying, managing, and operating modern Vulnerability Management platforms. In this role, you’ll work alongside technical product managers and engineers across the company to maintain Samsara’s Vulnerability Management infrastructure and de-risk software vulnerabilities to better protect our customers. We seek someone who is passionate about leveraging automation to enhance efficiency, is enthusiastic about working with infrastructure-as-code, and has a wealth of experience collaborating with teams to reduce software vulnerabilities. Your contributions will be critical to shaping our overall security and compliance strategy. At Samsara, we value working backwards from winning as an operating principle. Your ability to define success and work with cross-functional stakeholders by working backwards to reach that success is pivotal. This is a remote position open to candidates residing in the US except the San Francisco Bay Metro Area, NYC Metro Area, and Washington, D.C. Metro Area. You will be regularly working with UK and India team employees who are also on your team via Zoom during United States standard working hours.

Requirements

6+ years of relevant experience with demonstrated impact for security engineering and vulnerability management in an enterprise environment.
Significant experience with vulnerability management tooling, in particular modern toolsets such as Wiz, or Semgrep.
Deep subject matter expertise with security engineering best practices for subjects such as CVSS, EPSS.
Strong familiarity with common security vulnerabilities and the ability to judge their severity and impact on the business.
Excellent development background with experience in Python or GoLang.
Strong DevOps, DevSecOps, or SRE background with experience in AWS cloud services, and Terraform
Experience using security automation platforms such as Tines and serverless frameworks such as AWS Lambda.
Deep understanding of Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), or Software Composition Analysis (SCA)

Nice To Haves

Practical experience managing vulnerabilities within a FedRAMP-certified environment.
Experience integrating vulnerability management into modern CI/CD pipelines with a “shift-left” mentality.

Responsibilities

Lead and own ongoing operation and maintenance of Samsara’s vulnerability management program, ensuring consistent execution of processes.
Assist in managing vulnerability scanning tools and help refine detection capabilities to improve accuracy and reduce false positives.
Work closely with the Vulnerability Technical Program Manager to generate and distribute monthly and quarterly compliance reports.
Collaborate with engineering teams to track and support the remediation of identified vulnerabilities, providing guidance on best practices.
Assist in analyzing and triaging vulnerabilities, escalating critical issues to senior security engineers or Security Operations as needed.
Participate in security incident investigations related to high-profile vulnerabilities, helping gather data and assess potential impact on Samsara infrastructure.
Contribute to documentation and process improvements to streamline vulnerability management workflows.
Champion Samsara’s cultural principles (Focus on Customer Success, Build for the Long Term, Adopt a Growth Mindset, Be Inclusive, Win as a Team) in daily work.
Be regularly on call to support.

Benefits

Full time employees receive a competitive total compensation package along with employee-led remote and flexible working, health benefits, and much, much more.

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume