Designs and builds autonomous vulnerability automation pipelines using AI tools to discover assets, scan vulnerabilities, harden configurations, and auto-remediate in cloud-native environments. Requires 5+ years in security engineering, DevSecOps, IaC, and cloud security tools.
170k – 190k/yr
Remote5+ YOESecurity Engineering
About the role
Responsibilities
Design and implement end-to-end vulnerability automation pipelines for asset discovery, configuration assessment, vulnerability identification, and remediation without manual intervention.
Build and maintain agentic AI workflows using tools like Claude Code and MCP integrations for security tasks including code review, configuration drift detection, and patch deployment.
Engineer automated asset discovery and inventory systems for real-time views of infrastructure, including ephemeral and containerized workloads.
Develop automated configuration hardening pipelines enforcing CIS Benchmarks with drift detection and auto-remediation.
Create infrastructure-as-code templates (Terraform), policy-as-code rules, and automated playbooks embedding security into deployment pipelines.
Build self-service remediation tooling and agentic support systems for dev and infra teams.
Integrate vulnerability data sources (Tenable, Qualys, Wiz, Snyk, Trivy, Grype) into unified platforms with prioritization.
Develop metrics, dashboards, and automated reporting for vulnerability posture visibility.
Collaborate to embed automation into CI/CD pipelines and workflows.
Requirements
5+ years in security engineering, DevSecOps, vulnerability management, or infrastructure automation.
Experience building automation pipelines with Python, Go, Bash, Terraform.
Proven work in cloud-native environments with Kubernetes, serverless, CI/CD.
Experience with vulnerability scanning tools and programmatic integration.
Deep knowledge of vulnerability classes (OWASP Top 10, CWE, CVE/CVSS, EPSS).
Proficiency with AI-assisted tools (Claude Code, GitHub Copilot).
Strong software engineering: Git, code review, testing, CI/CD, API design.
Hands-on with cloud security (AWS Config, GuardDuty, Inspector, Security Hub).
Nice-to-Haves
MCP integrations, custom AI tool-use pipelines, open-source security automation.
Security Engineer responsible for endpoint security architecture, MDM administration (Jamf, Intune), compliance enforcement, and automation across macOS, Windows, iOS, and Android devices. Requires 3-6 years MDM experience, OSQuery/CrowdStrike expertise, and a security-first mindset.
170k – 205k/yr
On-site3+ YOESecurity Engineering
Software Engineer, Trust & Safety
SunoSan Francisco, CA
Suno is seeking a Software Engineer, Trust & Safety to protect its platform and users from abuse, fraud, and harmful content. This role involves building data pipelines, anomaly detection systems, and internal tools to ensure user safety and platform integrity.
170k – 240k/yr
On-site3+ YOESecurity Engineering
Software Engineer, Security Infrastructure
SiftstackMarina del Rey, CA +2
Builds and automates security controls, tooling, and compliance for AWS, Kubernetes, and CI/CD in cloud-native environments. Requires 4+ years in security engineering with hands-on IaC, scripting, and frameworks like SOC 2/FedRAMP.
170k – 220k/yr
Hybrid4+ YOESecurity Engineering
Incident Response Security Engineer
ClickhouseUnited States
Handles security incidents, develops detection and response processes, maintains logging platforms, and automates risk mitigation for cloud services. Requires experience in incident response, threat modeling, cloud security, and programming in Golang/Python.
169k – 225k/yr
RemoteSecurity Engineering
Security Engineer, Detection & Response
LiftoffUnited States
Security Engineer focused on operating the SIEM, building AI-augmented detection tooling, triaging alerts, and leading incident response for a high-scale mobile adtech platform.