Cybersecurity Engineer implementing Zero Trust Reference Architecture solutions at Mythics. Deploying and maintaining Forescout platform within secure environments.
About the role
- Lead the application security program with a focus on securing CI/CD pipelines, cloud-native apps, and microservices.
- Manage a team of DevSecOps engineers and security champions across development squads.
- Develop and implement scalable security tooling, static and dynamic code analysis software composition, and Software Bill of Material.
- Integrate AI and machine learning tools for threat modeling, code analysis, and anomaly detection.
- Collaborate with development, infrastructure, and product teams to ensure secure architecture and coding practices.
- Establish AppSec policies, threat modeling frameworks, and secure coding guidelines.
- Build metrics and reporting to track the effectiveness of AppSec initiatives and risk posture.
- Evaluate and implement AI-based AppSec tools and integrations within the DevSecOps toolchain.
- Lead incident response and secure code review processes for critical applications.
- Act as the primary point of contact for application security audits and compliance initiatives.
Requirements
- 7+ years of experience in application security, including 2+ years managing security teams.
- Strong knowledge of secure coding practices in modern languages (e.g., Python, Java, JavaScript, Go).
- Experience deploying and managing AppSec tools such as SAST, DAST, SCA, IaC scanners, Application Security Posture Management (ASPM) and secrets detection tools.
- Hands-on experience in CI/CD platforms (e.g., GitHub Actions, GitLab CI, Jenkins, Azure DevOps).
- Solid understanding of cloud-native architectures (AWS/GCP/Azure), containers (Docker), and orchestration (Kubernetes).
- Experience with Infrastructure-as-Code (e.g., Terraform, CloudFormation) and securing DevOps pipelines.
- Familiarity with AI-driven AppSec tools for vulnerability management, threat detection, and LLM-assisted secure code review.
- Experience with LLMs (e.g., OpenAI GPT, Gemini) for code analysis, threat modeling, secure coding guidance or vibe coding.
- Understanding of prompt engineering, model fine-tuning, or integrating AI APIs into security workflows.
- Bonus: Experience in AI security (e.g., adversarial ML, model poisoning, AI system threat modeling).
- Bonus: Experience in SAP Security, code review, vulnerability management, and threat monitoring.
- Bachelor’s degree in a relevant field or proven record of experience in Information Technology and Cyber Security roles.
- Certifications: OSCP – Offensive Security Certified Professional (Required or strong preference) GWAPT - GIAC Web Application Penetration Tester OSWE – Offensive Security Web Expert (Preferred) CISSP – Certified Information Systems Security Professional (Preferred) GPEN – GIAC Penetration Tester (Preferred) AI/ML Certifications – e.g., Microsoft AI-102, Google Cloud ML Engineer, or similar (Bonus)
Benefits
- Health and Wellness: We offer a range of medical, dental and vision insurance plans, as well as mental health support and wellness initiatives to promote overall well-being.
- Retirement Savings: We offer retirement benefits options, which vary by location. In the U.S., our competitive 401(k) Plan offers a generous dollar-for-dollar Company matching contribution of up to 6% of eligible pay and a Company contribution equal to 3% of eligible pay (subject to annual IRS limits and Plan terms). These Company contributions vest immediately.
- Employee Assistance Program: Confidential counseling services and resources are available to all employees.
- Matching charitable donations: Corebridge matches donations to tax-exempt organizations 1:1, up to $5,000.
- Volunteer Time Off: Employees may use up to 16 volunteer hours annually to support activities that enhance and serve communities where employees live and work.
- Paid Time Off: Eligible employees start off with at least 24 Paid Time Off (PTO) days so they can take time off for themselves and their families when they need it.
Job title
Job type
Experience level
Salary
Degree requirement
Tech skills
Location requirements
WA
WattpadSecurity Governance Manager
Security Governance Manager at WEBTOON responsible for IT and Security governance framework. Collaborating with Legal, Product, and Engineering teams in Los Angeles headquarters.
CS
Commonwealth Fusion SystemsManager, Cybersecurity – Operations
Manager of Cybersecurity leading the company's cybersecurity initiatives at Commonwealth Fusion Systems. Responsible for security policies and team management to protect information assets from cyber threats.
Principal Cloud Operations Developer at AVEVA enhancing Cloud security and leading deployment process improvements. Collaborating with development teams to ensure operational security, stability and scalability.
CO
ConstelliumCybersecurity Manager
Responsable cybersécurité gérant la sécurité informatique de l'entreprise. Évaluant la conformité des systèmes d'information et pilotant la feuille de route cybersécurité.
DE
Daikin EuropeInformation Security Officer – ISO
Information Security Officer ensuring legal and cybersecurity compliance across IoT product development at Daikin. Supporting development teams and managing security awareness training.
NB
Newell BrandsEmployé technique, sécurité
Security employee monitoring site safety at Newell Brands, ensuring compliance with safety protocols. Supports services in emergency response and monitors site safety continually.
HS
HF SinclairIntern, Cybersecurity
Cybersecurity Intern assisting the Cyber GRC team and Project Manager at HF Sinclair. Gaining hands - on experience in Security Operations and Cyber Risk Management during the summer of 2026.
Associate Director overseeing Network Security Governance at Novartis in Prague or Hyderabad. Driving cyber maturity, risk management, and governance frameworks for secure network environments.
NI
NTT DATA, Inc.Senior Associate Security Consultant – GRC
Senior Associate Security Consultant at NTT DATA making a difference through technical excellence in diverse teams. Collaborating on innovative technology and consulting projects in security consultancy.