SecOps Engineer
Posted Today by micro1
Negotiable
Undetermined
Remote
United Kingdom
Summary: Join a remote team as a SecOps Engineer, focusing on securing complex applications and infrastructure through vulnerability detection, secure code review, and proactive remediation. This expert-level role requires collaboration with professionals in a dynamic, security-driven environment, ensuring robust defenses against evolving threats. The position emphasizes effective communication and technical skills to drive security initiatives.
Key Responsibilities:
- Perform expert-level secure code reviews with a focus on OWASP Top 10 and CWE vulnerability classes.
- Identify, triage, and remediate application-layer vulnerabilities, including broken access control, IDOR, SQL injection, command injection, and deserialization flaws.
- Develop and maintain security automation tools using Python, GoLang, or JavaScript/TypeScript to streamline vulnerability detection and remediation processes.
- Conduct and document penetration tests, collaborating cross-functionally to drive remediation initiatives.
- Advise development teams on secure coding practices, bringing a proactive security mindset into the software lifecycle.
- Stay informed of emerging threats and incorporate best practices within the customer's environments.
- Communicate effectively through detailed written reports and verbal briefings, ensuring security findings are clearly understood and actionable.
Key Skills:
- 5+ years of hands-on experience in software engineering or security operations with a focus on application-layer security.
- Proficiency in Python, GoLang, Rust, JavaScript, or TypeScript.
- Demonstrated expertise in secure code review and professional penetration testing.
- Strong familiarity with OWASP Top 10, CWE, and modern vulnerability classes.
- Proven ability to detect, prioritize, and remediate vulnerabilities in production applications.
- Exceptional written and verbal communication skills, with a strong emphasis on clarity and detail.
- Fluent English and availability for at least 6+ hours overlap with Eastern Time.
Salary (Rate): undetermined
City: undetermined
Country: United Kingdom
Working Arrangements: remote
IR35 Status: undetermined
Seniority Level: undetermined
Industry: IT
Job Title: SecOps Engineer
Job Type: Contractor
Location: Remote
Job Summary: Join our customer's team as a SecOps Engineer, where you'll play a pivotal role in securing complex applications and infrastructure. This expert-level position focuses on vulnerability detection, secure code review, and proactive remediation, ensuring robust defenses against evolving threats. Collaborate remotely with like-minded professionals, leveraging your technical and communication skills in a dynamic, security-driven environment.
Key Responsibilities:
- Perform expert-level secure code reviews with a focus on OWASP Top 10 and CWE vulnerability classes.
- Identify, triage, and remediate application-layer vulnerabilities, including broken access control, IDOR, SQL injection, command injection, and deserialization flaws.
- Develop and maintain security automation tools using Python, GoLang, or JavaScript/TypeScript to streamline vulnerability detection and remediation processes.
- Conduct and document penetration tests, collaborating cross-functionally to drive remediation initiatives.
- Advise development teams on secure coding practices, bringing a proactive security mindset into the software lifecycle.
- Stay informed of emerging threats and incorporate best practices within the customer's environments.
- Communicate effectively through detailed written reports and verbal briefings, ensuring security findings are clearly understood and actionable.
Required Skills and Qualifications:
- 5+ years of hands-on experience in software engineering or security operations with a focus on application-layer security.
- Proficiency in Python, GoLang, Rust, JavaScript, or TypeScript.
- Demonstrated expertise in secure code review and professional penetration testing.
- Strong familiarity with OWASP Top 10, CWE, and modern vulnerability classes.
- Proven ability to detect, prioritize, and remediate vulnerabilities in production applications.
- Exceptional written and verbal communication skills, with a strong emphasis on clarity and detail.
- Fluent English and availability for at least 6+ hours overlap with Eastern Time.
Preferred Qualifications:
- Experience deploying, integrating, or maintaining vulnerability management platforms.
- Certifications such as OSCP, GIAC, or equivalent are advantageous.
- Background in cloud or container security practices.