About this role
As a SecOps Engineer, you will be instrumental in securing complex applications and infrastructure. This expert-level role emphasizes vulnerability detection, secure code review, and proactive remediation, ensuring robust defenses against evolving threats. You will collaborate remotely with a team of professionals, utilizing your technical and communication skills in a dynamic, security-focused environment.
Key Responsibilities:
- Perform expert-level secure code reviews focusing on OWASP Top 10 and CWE vulnerability classes.
- Identify, triage, and remediate application-layer vulnerabilities, including broken access control, IDOR, SQL injection, command injection, and deserialization flaws.
- Develop and maintain security automation tools using Python, GoLang, or JavaScript/TypeScript to streamline vulnerability detection and remediation processes.
- Conduct and document penetration tests, collaborating cross-functionally to drive remediation initiatives.
- Advise development teams on secure coding practices, integrating a proactive security mindset into the software lifecycle.
- Stay informed of emerging threats and incorporate best practices within the organization's environments.
- Communicate effectively through detailed written reports and verbal briefings, ensuring security findings are clearly understood and actionable.
- 5+ years of hands-on experience in software engineering or security operations with a focus on application-layer security.
- Proficiency in Python, GoLang, Rust, JavaScript, or TypeScript.
- Demonstrated expertise in secure code review and professional penetration testing.
- Strong familiarity with OWASP Top 10, CWE, and modern vulnerability classes.
- Proven ability to detect, prioritize, and remediate vulnerabilities in production applications.
- Exceptional written and verbal communication skills, with a strong emphasis on clarity and detail.
- Fluent English and availability for at least 6+ hours of overlap with Eastern Time.
- Experience deploying, integrating, or maintaining vulnerability management platforms.
- Certifications such as OSCP, GIAC, or equivalent are advantageous.
- Background in cloud or container security practices.
Contract position with remote work flexibility.
Compensation: $30 - $100 per hour.
Eligibility: Must be fluent in English and available for at least 6 hours of overlap with Eastern Time.