# Senior Staff Security Engineer, Vulnerability Management

**Company:** [Zocdoc](https://hotfix.jobs/companies/zocdoc)
**Location:** Remote
**Role:** Security Engineering
**Salary:** $200k – $290k/yr
**Experience:** 8+ years
**Skills:** Vulnerability Management, Offensive Security, Red Teaming, Purple Teaming, Penetration Testing, AWS, GCP, Azure, Docker, Kubernetes, Python, Go, Rust, SAST, DAST
**Posted:** 2026-07-14

> Senior Staff Security Engineer owning the roadmap for an AI-driven vulnerability scanning, triage, and automated remediation platform. Requires 8+ years in security engineering with deep cloud/container expertise, offensive security experience, and proficiency in Python/Go/Rust.

## Job Description

## Your day to day is…

- Owning the technical roadmap for an automated, AI-driven vulnerability scanning platform across cloud infrastructure, container registries, operating systems, and application-layer software.
- Building context-engine models that correlate findings from SAST, DAST, SCA, and cloud posture tooling to determine true runtime exploitability.
- Implementing AI-assisted triage workflows that classify vulnerabilities, reduce false positives, and route validated issues to the right engineering teams.
- Leading targeted red teaming and collaborative purple teaming exercises to validate exploitable paths and strengthen runtime defenses.
- Partnering directly with Software Engineering and DevOps to build automated remediation pipelines, including dependency update pull requests and base-image patching workflows.
- Engineering security scanning guardrails into CI/CD pipelines and providing structured telemetry to support continuous compliance and executive risk visibility.
- Working with cutting-edge GenAI tools and technology to analyze findings, improve prioritization, and accelerate remediation workflows.

## You’ll be successful in this role if you have…

- Meaningful experience in security engineering, vulnerability management, or software development, with at least 8 years focused on infrastructure, container platforms, and product security.
- A proven track record of writing production-grade automation scripts and building custom security tooling at scale.
- Hands-on experience planning or executing offensive security exercises, red teaming, purple teaming, or penetration testing.
- Deep experience securing cloud infrastructure and containerized ecosystems using platforms such as AWS, GCP, or Azure, along with Docker and Kubernetes.
- Advanced proficiency in Python, Go, or Rust to build automation, integrate scanner APIs, and orchestrate automated patching workflows.
- Strong familiarity with adversarial frameworks, vulnerability scoring systems such as CVSS and EPSS, and common application and infrastructure attack vectors including the OWASP Top 10.
- Experience integrating security scanners into CI/CD workflows and using AI or LLM APIs to analyze code or log data for rapid prioritization.
- Required: the ability to integrate generative AI tools into daily workflows to automate tasks, foster innovation, and maximize productivity.
- Advanced security certifications such as OSCE, OSCP, GXPN, CISSP, or equivalent practical engineering experience are highly valued.

## Benefits

- Flexible work environment
- Unlimited Vacation
- 100% paid employee health benefit options (including medical, dental, and vision)
- 401(k) with employer funded match
- Corporate wellness programs with Headspace and Peloton
- Sabbatical leave (for employees with 5+ years of service)
- Competitive paid parental leave and fertility/family planning reimbursement
- Cell phone reimbursement
- Employee Resource Groups and ZocClubs to promote shared community and belonging
- Great Place to Work Certified

## Similar roles

- [Staff Security Engineer](https://hotfix.jobs/jobs/e9f611f1-dee2-4b02-9c10-d55aacab5500) - Collective Intelligence Project - San Francisco, CA - $200k – $260k/yr
- [Staff Engineer, User Trust](https://hotfix.jobs/jobs/5ccd71c7-2192-4307-8c68-140cd612dcef) - Betterment - New York, NY - $200k – $238k/yr
- [Data Center Physical Security Systems Engineer](https://hotfix.jobs/jobs/af0435f9-6a5c-4c1c-9d04-fe0dc2b55c8a) - OpenAI - Remote - $205k – $335k/yr
- [Staff Engineer, Cloud Security](https://hotfix.jobs/jobs/99669566-c101-41a5-be5e-7cf047fbf291) - Illumio - Sunnyvale, CA - $194k – $233k/yr
- [Staff Engineer, Container Security](https://hotfix.jobs/jobs/22d8c1cd-947c-4f33-baf9-0806f0b90251) - Illumio - Sunnyvale, CA - $194k – $233k/yr

**Apply:** https://hotfix.jobs/jobs/48bab836-a257-4a63-898d-d884ea8db229
**Canonical:** https://hotfix.jobs/jobs/48bab836-a257-4a63-898d-d884ea8db229