Teramind - Manager, DevSecOps Engineering
Upload My Resume
Drop here or click to browse · PDF, DOCX, DOC, RTF, TXT
Requirements
• 5+ years of experience in DevSecOps, application security, or security engineering • Demonstrated experience managing security in software development environments (not just ops/infrastructure) • Strong development background, proficiency in at least 1 language (eg: Python, Go, Java, C#) • Hands on experience with CI/CD security tooling (SAST/DAST/SCA integration, secrets management) • Experience with cloud security (AWS, Azure, or GCP) and container security (Docker, Kubernetes) • Familiarity with SOC 2 or ISO 27001 compliance frameworks • Excellent English communication skills (written and verbal) • Penetration testing experience or relevant certification (OSCP, CEH, GPEN) • Security certifications (CISSP, CSSLP, AWS Security Specialty, or similar) • Experience at a B2B SaaS or cybersecurity product company • Familiarity with insider threat, DLP, or endpoint security product domains
Responsibilities
• Security in the SDLC • Own and enforce DevSecOps practices across CI/CD pipelines (SAST, DAST, SCA, and other practices) • Integrate automated security tooling into development workflows; reduce manual security gates • Partner with development teams to perform secure code reviews and threat modeling • Vulnerability & Risk Management • Drive vulnerability identification, triage, and remediation across infrastructure and applications • Manage security tooling stack • Produce and maintain a risk register; track remediation SLAs • Penetration Testing, crowd testing & Incident Response • Lead or coordinate internal/external penetration testing cycles • Manage crowd testing campaigns • Develop and maintain an incident response playbook; support incident investigations • Compliance & Governance • Support compliance with SOC 2, ISO 27001, GDPR, and relevant data protection frameworks • Define and enforce security policies, standards, and developer security training • Leadership & Collaboration • Act as the primary security SME for the engineering organization • Mentor developers on secure coding practices; build a security-first engineering culture • Interface with external auditors, clients, and the executive team on security posture
Benefits
• This is a remote job. Work from anywhere! We’ve been thriving as a fully-remote team since 2014. To us, remote work means flexibility and having truly diverse, global teams. • Flexible paid time off • Laptop reimbursement • Ongoing training, development, and career growth opportunities • We use an open stack of technologies, so you have the chance to learn and evolve • High complexity of problems to solve, with active feature development - not just bugs & refactoring • Collaboration with a forward-thinking team where new ideas come to life, experience is valued, and talent is incubated. You can make an impact quickly.
No credit card. Takes 10 seconds.