Staff SW Engineer

About The Position

Requirements

• 5+ years of relevant work experience with a Bachelor’s Degree or at least 2 years of work experience with an Advanced degree (e.g. Masters, MBA, JD, MD) or 0 years of work experience with a PhD, OR 8+ years of relevant work experience.
• Programming or scripting experience with Python, JavaScript, TypeScript, Java, Go, Bash, PowerShell, or similar, with practical use of AI-assisted development, automation, LLMs, prompt engineering, AI agents, RAG, or AI-enabled workflows.
• Knowledge of Windows, Unix/Linux, databases, middleware, firewalls, networking, IAM, cloud platforms, CI/CD, Docker, Kubernetes, Terraform, Ansible, AWS, Azure, or Google Cloud Platform.

Nice To Haves

• Degree in Science, Engineering, or Computer Science, Information Systems or related field.
• Experience with vulnerability management, secure coding, patching, compliance, remediation, and security testing practices such as SAST, DAST, SCA, secrets scanning, container scanning, and dependency scanning.
• Hands-on experience using widely adopted AI tools such as GitHub Copilot, ChatGPT, Claude, Codex, Gemini, Cursor, Microsoft Copilot, or similar tools to improve coding, debugging, documentation, testing, automation, and security analysis.
• Hands-on experience with software development, scripting, automation, application support, or security remediation.
• Working knowledge of the software development lifecycle and secure software delivery practices.
• Familiarity with security standards and frameworks such as NIST, ISO 27001, PCI DSS, SOC 2, FFIEC, GLBA, OWASP, and CIS Benchmarks.

Responsibilities

• Own the security and compliance posture of applications and supporting systems, ensuring alignment with enterprise standards, regulatory requirements, and risk tolerance.
• Drive end-to-end vulnerability management, including identification, prioritization, remediation, and closure of security findings, misconfigurations, and compliance gaps.
• Lead cross-functional remediation efforts by partnering with development, cybersecurity, infrastructure, database, middleware, cloud, and network teams to resolve complex security issues at scale.
• Design and implement automation and AI-enabled workflows to enhance vulnerability remediation, compliance tracking, reporting, and operational efficiency.
• Enable secure release practices by overseeing remediation across OS, database, middleware, network, firewall, dependencies, and application layers within release cycles.
• Conduct deep technical analysis of code, configurations, dependencies, logs, and system behavior to proactively identify security, quality, and reliability risks.
• Maintain and evolve system and security architecture documentation, including topology, application dependencies, network controls, and access boundaries.
• Establish and manage structured workflow tracking through JIRA or similar tools, ensuring visibility, prioritization, and timely closure of security-related workstreams.
• Support audit and regulatory activities by leading evidence collection, validating compliance controls, and driving remediation of audit findings and security exceptions.
• Evaluate and influence adoption of emerging technologies, including AI, cybersecurity, automation, and DevSecOps tools, through proofs of concept and recommendations.
• Continuously improve secure engineering practices, contributing to the development of standards, controls, and scalable processes across teams.
• Translate complex technical and security concepts into clear, actionable insights for both technical and non-technical stakeholders, enabling informed decision-making.

Benefits

• Medical
• Dental
• Vision
• 401(k)
• FSA/HSA
• Life Insurance
• Paid Time Off
• Wellness Program