Senior Security Engineer Automation

About the Role

The role entails working closely with engineering teams to ensure timely remediation of vulnerabilities and collaborating with cross-functional teams to drive efficient vulnerability resolution across the organization. You will be responsible for owning and operating the end-to-end vulnerability management lifecycle, including identification, triage, prioritization, distribution, tracking, and reporting.

What You Will Do

• Design, implement, and manage the integration of security tooling (SAST, DAST, SCA, Secrets Scanning) into CI/CD pipelines
• Develop and maintain automation scripts and platforms to streamline security processes and workflows
• Own and operate the end-to-end vulnerability management lifecycle: identification, triage, prioritization, distribution, tracking, and reporting
• Collaborate closely with engineering teams to ensure timely remediation of vulnerabilities
• Develop and maintain comprehensive security documentation and training programs for engineering teams
• Conduct regular security reviews and penetration testing to identify and mitigate potential threats
• Collaborate with cross-functional teams to drive efficient vulnerability resolution across the organization
• Research emerging threats and craft effective mitigation strategies
• Empower engineering teams with comprehensive training and maintain up-to-date security standards
• Lead incident response efforts with precision and accuracy

What We Are Looking For

• 5+ years of experience in security engineering, with a focus on automation and vulnerability management
• Strong expertise in security tooling, including SAST, DAST, SCA, and Secrets Scanning
• Experience with CI/CD pipeline development and automation
• Strong understanding of cloud security, including cloud-based vulnerability management
• Excellent communication and collaboration skills, with the ability to work effectively with cross-functional teams
• Strong problem-solving skills, with the ability to analyze complex security issues and develop effective solutions
• Experience with compliance and regulatory requirements, including GDPR and HIPAA
• Strong understanding of security frameworks and standards, including NIST and ISO 27001

Nice to Have

• Experience with Cloudflare's WAF and other security tools
• Knowledge of programming languages, including Python and Java
• Experience with agile development methodologies and version control systems, including Git
• Certification in security engineering, such as CISSP or CEH

Benefits and Perks

• Competitive salary and benefits package
• Opportunity to work with a dynamic and innovative company that is shaping the decentralized economy
• Collaborative and supportive work environment with a strong emphasis on teamwork and professional development
• Flexible working hours and remote work options
• Access to cutting-edge security tools and technologies
• Comprehensive training and development programs to support ongoing learning and growth

• Be prepared to showcase your experience with security tooling and CI/CD pipeline development, and highlight your ability to work effectively with cross-functional teams.
• Develop a strong understanding of cloud security and vulnerability management, and be prepared to discuss your approach to identifying and mitigating potential threats.
• Create a comprehensive portfolio that showcases your security engineering skills and experience, and be prepared to walk through your approach to security documentation and training programs.
• Research MoonPay's commitment to trust, compliance, and financial freedom, and be prepared to discuss how your skills and experience align with the company's mission and values.
• Prepare to discuss your experience with compliance and regulatory requirements, and be prepared to highlight your knowledge of security frameworks and standards.
• Be prepared to negotiate your salary and benefits package, and don't be afraid to ask about opportunities for professional development and growth.