Senior Machine Learning Engineer

As a Senior Software Engineer, Security, you will play a pivotal role in safeguarding our organization's digital assets by designing, implementing, and maintaining robust security solutions. You will focus on application security, vulnerability management, cloud security, vendor security, and ensuring security and privacy by design principles are embedded throughout the software development lifecycle. You will work closely with cross-functional teams, including Engineering, DevOps, and Product, to influence and execute security roadmaps and foster a culture of security-first thinking.

Collaborate with engineering teams to promote secure coding practices and integrate security tools into the CI/CD pipelines.
Collaborate with product and engineering teams to ensure security and privacy considerations are integrated into every phase of the SDLC.
Collaborate on development projects to build or enhance security features, create security roadmaps aligned with best practices and customer expectations, and guide product owners on threat modelling and attack surface analysis.
Perform static and dynamic application security testing (SAST/DAST) and perform vulnerability assessments to ensure secure development and delivery.
Define and embed security requirements throughout the development lifecycle, ensuring they are effectively implemented and aligned with organizational security standards.
Review application and system designs to ensure security requirements are appropriately traced, validate implementation plans, and recommend improvements to enhance the overall security posture.
Provide security guidance in implementing enterprise security technologies (such as DNS, Email, and Secure file transfers).
Ensure the effective operation of enterprise security tools and technologies, including 2FA/MFA for resource access, SIEM/SOAR/EDR, and endpoint security.
Certificate lifecycle management; Security configuration and vulnerability assessment.

You have 8+ years of experience working in backend software engineering, with at least 5+ years of acting as a senior security engineer, leading complex, cloud software security projects across teams.
Experience performing source code-enabled security assessments, root cause, and adjacency analysis.
Thorough knowledge of OWASP top 10 and other standards like NIST SP 800-64.
You have experience writing server-side code leveraging modern OOP practices using Ruby, and PostgreSQL.
Software development experience in one of the following core languages: Ruby, Java, Javascript, or Python
Strong communication and collaboration skills to work effectively with cross-functional teams and influence product security.
You're excited to work collaboratively within engineering and as part of a cross-functional team.