
Staff Security Software Engineer
Role summary
We are seeking a Staff Security Software Engineer to join our Vulnerability Management team. This high-impact role involves shaping security practices at scale and driving technical strategy for systems that detect, track, and remediate security vulnerabilities. You will own the technical architecture and roadmap for vulnerability management tooling, lead the design and development of scalable solutions, and drive integration strategy across various security systems. The ideal candidate has 8+ years of experience, deep Python proficiency, and a strong understanding of vulnerability management concepts and security tooling. Experience with cloud environments, CI/CD, and compliance frameworks is essential. You will mentor engineers, contribute to architectural decisions, and partner with cross-functional teams to embed security automation.
### Who you are
- This is a high-impact, high-ownership role for someone who wants to do meaningful engineering work while shaping how security gets done at scale
- 8+ years of industry software engineering experience, with a meaningful portion of that spent in security engineering, platform engineering, or infrastructure-adjacent domains
- Deep proficiency in Python, with a strong track record of writing production-grade, tested, maintainable code in complex systems
- Demonstrated experience owning and delivering end-to-end engineering projects, from early-stage design through production deployment and ongoing operation
- Solid understanding of vulnerability management concepts, including how vulnerabilities are discovered, classified, prioritized, and remediated in enterprise environments
- Experience building or maintaining integrations with security tooling such as vulnerability scanners, SIEM systems, or similar platforms
- Comfort working with CI/CD pipelines, version control workflows, and modern software delivery practices
- Experience working across teams and communicating technical concepts clearly to both engineers and non-technical stakeholders
- Strong judgment in the face of ambiguity, and a track record of asking the right questions before building rather than after
- Hands-on experience with vulnerability management tooling such as Wiz, Tenable/Nessus, Twistlock, or similar products, particularly in cloud or containerized environments
- Familiarity with compliance frameworks relevant to government or regulated environments, such as FedRAMP or DoD IL5/IL6
- Experience working with large-scale vulnerability aggregation systems or homegrown data pipelines that normalize findings across multiple scanners
- Background in building automated remediation workflows, such as automated PR generation for dependency vulnerabilities or patch orchestration across diverse package ecosystems
- Experience with cloud environments (AWS, Azure, GCP) and containerized workloads at scale
- Contributions to the security or software community through open-source projects, published research, conference talks, or similar
### What the job involves
- As a Staff Software Engineer on the Vulnerability Management team, you will serve as a technical anchor for a team that builds and maintains the systems and tooling we rely on to detect, track, and remediate security vulnerabilities across our organization
- You will drive technical strategy for how we automate and scale vulnerability management, work closely with security engineers, product teams, and infrastructure partners to tackle complex cross-functional challenges, and help raise the bar for how the team builds software
- Own the technical architecture and roadmap for vulnerability management tooling, including systems that automate identification, prioritization, tracking, and remediation of vulnerabilities across diverse ecosystems and environments
- Lead the design and development of high-quality, scalable engineering solutions, balancing long-term maintainability with the practical needs of a fast-moving security organization
- Drive integration strategy across vulnerability scanners, aggregation pipelines, and downstream systems, making principled decisions about data ownership, tool consolidation, and signal quality
- Define and evolve the metrics and reporting frameworks the team uses to measure program effectiveness, moving the organization toward risk-based measurement rather than activity-based compliance tracking
- Partner with cross-functional stakeholders including infrastructure, platform engineering, and product security teams to identify opportunities to embed security automation deeper into the development lifecycle
- Identify systemic gaps and ambiguous, high-priority problems that cut across team boundaries, propose solutions, and drive them to completion with or without direct authority
- Provide technical mentorship, design reviews, and code reviews to engineers on the team, helping others grow and maintaining a high standard of engineering craft
- Contribute to architectural decisions, tooling selections, and process improvements that have lasting impact on how the broader security organization operates
### The application process
- End Date: April 30, 2026
### Benefits
- Medical Care
- Life Insurance
- Retirement Savings
- Employee Assistance Programs
- With 9 standard holidays and four floating holidays, you get a total of 13 paid days off each year
Sample Salesforce interview questions
1. Design a system to schedule jobs in a distributed environment (system design, medium)
2. Design Ticketmaster (system design, medium)
3. Explain the differences between an interface and an abstract class (technical, medium)
4. Given an array, find the two sum (coding, easy)
5. Find the longest substring without repeating characters (coding, medium)