How you will make a difference
- Threat Modeling: Lead the development of comprehensive threat models for new and existing products to identify, assess, and mitigate security risks.
- Vulnerability Management: Establish and manage a vulnerability management lifecycle for our applications, ensuring timely detection, reporting, and remediation of security vulnerabilities.
- Security Programs: Design and implement application security programs focused on building security into the software development lifecycle (SDLC) and establishing secure coding practices.
- Collaboration with Engineering: Partner with product and engineering teams to integrate security requirements into architectural designs and development processes.
- Security Audits & Assessments: Conduct regular security assessments of applications and infrastructure, focusing on identifying areas of weakness and recommending actionable improvements.
- Security Incident Response: Support the incident response team in application-related security incidents by providing expertise on containment, eradication, and post-incident analysis.
- Security Awareness: Mentor and coach engineering teams on security best practices and create security awareness initiatives tailored to the development environment.
- Automation & Tooling: Drive the adoption of security automation, including code scanning, security testing, and CI/CD pipeline integration to streamline security processes.
We’d love to hear from you if you have
- Bachelor's or Master's degree in Computer Science, Cybersecurity, or a related field, or equivalent experience.
- 8+ years of experience in application security, preferably within a SaaS environment.
- Strong proficiency in threat modeling, secure coding practices, vulnerability management, and incident response.
- Hands-on experience with security tools such as static/dynamic analysis tools (SAST, DAST), penetration testing tools, and CI/CD pipeline integration.
- Familiarity with modern programming languages (e.g., Python, JavaScript, Go) and cloud platforms (e.g., AWS, GCP, Azure).
- Industry certifications such as CISSP, OSCP, or CEH are a plus.
- Required to work on-site 3 days a week (Tuesday, Wednesday, Thursday) in San Francisco or 4 days a week (Monday through Thursday) in Miami. Managers may require additional on-site days.
Competencies
- Technical Leadership: Demonstrated ability to lead and guide teams in the development and execution of security initiatives.
- Threat Analysis: Strong understanding of threat modeling techniques, application security risks (OWASP Top Ten), and secure coding practices.
- Risk Management: Expertise in managing security vulnerabilities and threats through identification, prioritization, and mitigation strategies.
- Communication: Excellent communication skills to effectively collaborate with cross-functional teams, present complex security concepts, and advocate for secure design practices.
- Innovation & Problem Solving: Creative thinker with the ability to develop novel security solutions in response to emerging threats and vulnerabilities.
- Continuous Improvement: Strong commitment to staying up-to-date with evolving security standards and best practices, and a passion for continuous learning and improvement.
Other Jobs from Kandji
Senior Full Stack Engineer, Experience
Engineering Lead, Experience
Senior Data Engineer II
Senior QA Engineer
Senior Software Engineer, Full Stack
Similar Jobs
Software Engineer III, Backend
Senior Software Engineering
Senior Data Engineer
Engineering Manager, Clinician Experience
Software Engineer, Test & Privacy
Software Engineer, Product | Ingénieur(e) logiciel, Produit
There are more than 50,000 engineering jobs:
Subscribe to membership and unlock all jobs
Engineering Jobs
60,000+ jobs from 4,500+ well-funded companies
Updated Daily
New jobs are added every day as companies post them
Refined Search
Use filters like skill, location, etc to narrow results
Become a member
🥳🥳🥳 389 happy customers and counting...
Overall, over 80% of customers chose to renew their subscriptions after the initial sign-up.
To try it out
For active job seekers
For those who are passive looking
Cancel anytime
Frequently Asked Questions
- We prioritize job seekers as our customers, unlike bigger job sites, by charging a small fee to provide them with curated access to the best companies and up-to-date jobs. This focus allows us to deliver a more personalized and effective job search experience.
- Salaries for the engineering jobs on our site range from $100K-$200K. On average, senior engineer positions on our EchoJobs are about $160K.
- The EchoJobs positions have been sourced and vetted from the top companies to work for in the US as a software engineer, including LinkedIn and other reputable job sites. We also have syndicated jobs from companies that have just raised funding, as well as those that have great unique products and culture. From all of these sources, our founder, Morgan, has also resourced the company's authenticity in terms of their website, public appearance, and more.
- Yes, our users asked us for just this, so now our search filters allow you to search for your top jobs via location, as well as by onsite, remote, or both. Approximately 30% of our jobs are remote, so you’ve got the best options for you!
- We have not yet implemented this option, but are considering doing so in the future. For the moment, you would need to cancel your subscription, and resubscribe when you wanted to come back.
- We add new jobs to EchoJobs every day! We scan our sources for the newest jobs, verify them, and post them to EchoJobs within minutes. We add about 2,000-3,000 new jobs for you each day!
- From starting your job search to getting hired, the entire job search process can take us software engineers anywhere between 3-6 months. However, at EchoJobs, we’re striving to shorten this duration by finding the best, newest jobs for you, so you can do less job searching, and more applying.
- We’d recommend checking EchoJobs daily, as we add new jobs to the site each day. Additionally, if you got a chance to read our previous email on “what makes EchoJobs different from any other job search tools,” we also recommended that you set a job alert based on your job filters, so if you get emails on those new jobs, you could be checking more than once per day.
- If you decide to continue with us after the 1-month trial, we definitely recommend this, as we all know it usually takes 3-6 months to find a quality job as a software engineer these days. So to best support you, we just adjusted our membership options at EchoJobs to monthly, 3 months, or 12 months (this option is more for passive job seekers looking a little bit for the future if they want to come back to work or make a job switch potentially. This lets you see what’s out there in case an even better fit job becomes available.)
- EchoJobs is truly the only job site of its kind. We want to be THE spot for you to find the best job for you, and haven’t encountered any other company doing this. Other job sites are in niches besides software engineering or focus on a small portion of engineering jobs (like a specific coding language). In the words of Morgan, our founder, “I think what makes EchoJobs different is the amount of jobs, frequency that we add new jobs (we add 2,000-3,000 new jobs daily!), and the powerful search engines to find exactly the job you want more easily and efficiently. We can provide you with the most jobs that are vetted by us, we’ll continually find more new jobs for you, and we make it easier for you to apply and get hired.
What Fellow Engineers Say