RemoteLeaf Logo
Log in Sign up

Senior Security Architect

1 month ago
United States
Full-time
Senior
Application Security Engineer
DevOps and Infrastructure
AWS Azure Bash CI/CD DevSecOps GCP Go Network Security Penetration Testing Python Secrets Management SIEM
Apply Now
Dispel

Dispel

Dispel is a leading provider of OT Zero Trust Access & Control solutions, offering secure remote access, data streaming, and asset visibility for industrial control systems and operational technology. Their intelligent tools and global support team ens...

Industrial Conglomerates
51-250
Founded 2014
View All Jobs

Description

  • Plan and execute internal red team engagements and regular penetration testing of applications, APIs, cloud infrastructure (including AWS GovCloud), and network segments.
  • Develop and maintain adversary emulation capabilities aligned with MITRE ATT&CK for ICS and document findings with actionable remediation guidance.
  • Lead threat modeling sessions for new features and architectural changes (using STRIDE, PASTA, or attack trees) and review/approve security architecture and security requirements before implementation.
  • Design and implement deception technologies and honeypots, and develop adversary playbooks that inform SOC runbooks and detection rules.
  • Integrate offensive findings into purple team exercises, bridge red and blue team activities, and support SOC maturation through training and tabletop exercises.
  • Implement and maintain security controls in CI/CD pipelines (SAST, DAST, SCA, secrets/container scanning), define security gates for code promotion, and review infrastructure-as-code for misconfigurations.
  • Establish software supply chain security controls (SBOM generation, dependency verification) and integrate security testing into GitHub workflows.
  • Stand up and operationalize a vulnerability management program, define severity thresholds/SLAs/escalation procedures, triage and prioritize vulnerabilities, and track remediation to resolution.
  • Coordinate external penetration testing firms for annual assessments and participate in Change Control Board (CCB) reviews with security sign-off authority.

Requirements

  • 8–12 years of experience in cybersecurity with 5+ years in offensive security, application security, or security architecture.
  • Demonstrated experience conducting penetration testing and red team operations.
  • Strong knowledge of cloud security with AWS required and familiarity with AWS GovCloud; Azure/GCP experience beneficial.
  • Hands-on experience with CI/CD security tooling and DevSecOps practices, including SAST, DAST, SCA, secrets scanning, and container scanning.
  • Proficiency in at least one scripting/programming language (Python, Go, or Bash).
  • Hands-on experience with threat modeling methodologies (STRIDE, PASTA, attack trees).
  • Understanding of OT/ICS security concepts and protocols and experience with industrial/SCADA/PLC environments (preferred).
  • Experience with vulnerability management tools and processes and defining SLAs/escalation procedures.
  • Preferred experience with Moving Target Defense or software-defined perimeter technologies and familiarity with zero trust architecture principles.
  • Preferred compliance experience with frameworks such as FedRAMP, CMMC, IEC 62443, NERC-CIP, and NIST 800-53/800-82.
  • Preferred certifications: OSCP/OSCE/OSWE, GPEN/GWAPT/GXPN or other GIAC certs, AWS Security Specialty, CISSP or CISM (not required).
  • Must be a US Person (citizen or permanent resident); ability to obtain and maintain security clearance preferred.
  • Previous startup or high-growth company experience is beneficial.

Benefits

  • Competitive salary with equity and opportunity for incentive units grant.
  • Performance bonus and salary range for the role: $100,000–$134,000.
  • Comprehensive health, dental, and vision insurance.
  • 401(k) with company match.
  • Generous paid time off and holidays.
  • Remote-first culture with flexible hours and opportunities for remote work.
  • Career growth opportunities and collaborative team environment.

Interested in this position?

Apply directly on the company website

Apply Now

Similar Roles

Toyota Tsusho Systems

Principal Embedded Software Developer (VSE)

Toyota Tsusho Systems 51-250 IT Services

Principal Software Engineer at Toyota responsible for architecting and delivering secure, mission-critical in-vehicle embedded software and driving production-quality feature implementations.

United States Full-time Lead Application Security Engineer Embedded Systems Engineer
C C++ CI/CD Cybersecurity Embedded Systems Encryption HIPAA OWASP Penetration Testing Rust TLS
1 month ago
Samsara

Senior Security Engineer - Threat Modeling

Samsara 1K-5K IT Services

Senior Security Engineer at Samsara, responsible for leading and owning the company’s threat modeling program and related application/product security efforts to reduce software risk and protect customers while working cross-functionally across engineering, product, and security teams.

United States Full-time Senior Application Security Engineer
$158k-$265k
AWS Go IoT Python
1 month ago
Veeam Software

Senior DevSecOps Engineer

Veeam Software 1K-5K Internet Software & Services

Senior DevSecOps Engineer at Veeam responsible for integrating and operating security controls across the software development lifecycle to embed SAST/SCA and other security tooling into CI/CD pipelines and reduce supply-chain risk.

Portugal Full-time Senior Application Security Engineer DevOps Engineer
Ansible Azure Bash CI/CD CloudFormation DevSecOps Docker Git Helm Jenkins Kubernetes Linux Network Security PowerShell Python TeamCity Terraform YAML
1 month ago
Databricks

Staff Product Security Engineer

Databricks 1K-5K IT Services

Individual contributor on Databricks' Product Security team responsible for managing SDLC security functions across products to reduce vulnerabilities and minimize externally reported security issues in Databricks services.

Netherlands Full-time Senior Application Security Engineer
Apache Spark HIPAA Java JavaScript MLflow Python Scala
1 month ago

You're on a roll! Sign up now to keep applying.

Sign Up

Already have an account? Log in

Used by 14,729+ remote workers