# Member of Technical Staff, Security Operations
**Company:** [Anchorage](https://hotfix.jobs/companies/anchorage-digital)
**Location:** Remote
**Skills:** Python, Go, Semgrep, Codeql, Burp Suite, AWS, IAM, Vpcs, Cloudtrail, Vulnerability Management
**Posted:** 2024-12-04
> Develops security automation, conducts vulnerability assessments, penetration tests, and manages security operations including incident response and cloud guardrails for a crypto platform. Requires 3+ years in security engineering with strong coding and AWS skills.
## Job Description
## Responsibilities
- Build and maintain security automation and tooling to detect vulnerabilities through static and dynamic analysis across code and live systems.
- Conduct application security assessments, penetration tests, and code reviews to identify high-risk security issues and provide secure development guidance.
- Develop and operate vulnerability management workflows, partnering with engineering teams to prioritize and remediate findings.
- Establish and test security guardrails for code, cloud resources, and infrastructure components.
- Monitor and respond to security events and configuration anomalies, leading investigation and containment efforts.
- Manage the full vulnerability lifecycle from discovery through remediation.
- Lead Security Operations initiatives with minimal oversight.
- Deliver assurance artifacts for regulated entity requirements.

## Requirements
- 3+ years of hands-on experience in security engineering, application security, penetration testing, or security operations.
- Experience building or maintaining security tools, integrations, or automation workflows using **Python**, **Go**, or similar.
- Proficiency in vulnerability assessment in applications, APIs, and cloud infrastructure.
- Experience with static and dynamic analysis tools like **Semgrep**, **CodeQL**, **Burp Suite**.
- AWS security fundamentals including **IAM**, **VPCs**, **security groups**, **CloudTrail**.
- Incident response skills: investigate events, root cause analysis.
- Computer science fundamentals (concurrency, algorithms, data structures).

## Nice-to-Haves
- Experience with bug bounty programs (**HackerOne**, **Bugcrowd**).
- Regulated financial services, fintech, or crypto environment.
- Blockchain security, smart contract auditing, Web3 technologies.
- Open-source security tools contributions.
- Certifications (**OSCP**, **GWAPT**, **GCIH**, **AWS Security Specialty**).
**Apply:** https://hotfix.jobs/jobs/member-of-technical-staff-security-operations-at-anchorage-digital-229124aa-0c5d-4903-8be3-cb487420f73c
**Canonical:** https://hotfix.jobs/jobs/member-of-technical-staff-security-operations-at-anchorage-digital-229124aa-0c5d-4903-8be3-cb487420f73c