HighLevel

HighLevel

HighLevel provides an all-in-one sales and marketing platform that agencies can white label and resell, offering tools and resources designed to help businesses consolidate their marketing efforts and achieve their growth objectives.

Internet Software & Services
251-1K
Founded 2018
$60M raised

Description

  • Perform and lead manual and automated penetration testing across applications, APIs, and cloud services.
  • Drive threat modeling and secure architecture reviews across application and infrastructure layers.
  • Collaborate with Infra/DevOps on cloud network architecture, including VPC design, security groups, routing, and segmentation.
  • Design and advise on cloud-native security controls such as IAM hardening, role boundaries, secrets management, and least privilege.
  • Evaluate and improve Kubernetes and container security posture across runtime, image, and network layers.
  • Implement secure-by-default patterns across the SDLC, CI/CD, and Infrastructure-as-Code.
  • Monitor emerging threats, CVEs, and vulnerabilities relevant to the web, cloud, and infrastructure stack.
  • Influence internal security tooling, automation pipelines, and security review processes.
  • Serve as a security advisor to engineering, SRE, and product teams on key projects.

Requirements

  • 8+ years of total experience in Application Security, Security Engineering, or Penetration Testing roles.
  • Strong hands-on experience with threat modeling, secure architecture reviews, and penetration testing.
  • Familiarity with OWASP Top 10, STRIDE, and modern security frameworks.
  • Experience with tools such as Burp Suite, ZAP, Snyk, Metasploit, and Semgrep.
  • Ability to read and analyze code in JavaScript, Go, PHP, or Node.js.
  • Working knowledge of cloud security principles, preferably AWS.
  • Experience with multi-tenant SaaS platforms or white-labeled architectures is preferred.
  • Familiarity with network-level security concepts such as VPC design, IAM, and zero-trust networks is preferred.
  • Exposure to container security, including Docker and Kubernetes, is preferred.
  • Hands-on experience with IaC security and CI/CD pipelines such as GitHub Actions and Terraform is preferred.

Interested in this position?

Apply directly on the company website

Apply Now

Similar Roles

Active Directory / Identity Engineer

Keywords Studios 10K-50K Internet Software & Services

Keywords Group is seeking an experienced Active Directory SME and Azure Identity Lead to guide company-wide identity architecture and support global IT across on-premises and cloud environments.

Active Directory Cybersecurity DHCP DNS PowerShell
20 hours, 38 minutes ago

Senior Security Compliance Engineer

Klaviyo 1K-5K IT Services

Klaviyo is seeking a Senior Security Compliance Engineer to help its Security Trust & Risk team automate and scale compliance operations, continuous monitoring, and GRC tooling across a fast-growing AI-first B2C CRM platform.

AWS CI/CD Go HIPAA Kubernetes Python REST API SQL
21 hours, 23 minutes ago

Website Security Engineer

PetDesk 51-250 Health Care Providers & Services

PetDesk is hiring a Website Security Specialist to protect its website portfolio by preventing vulnerabilities, responding to incidents, and maintaining secure technical operations across the full site lifecycle.

WordPress
21 hours, 24 minutes ago

Principal AI Security Specialist - Federal

Zscaler 1K-5K Internet Software & Services

Zscaler is hiring a Principal AI Security Specialist to lead field-facing enterprise AI security engagements, helping Fortune 500 customers adopt GenAI securely across complex sales cycles.

Cybersecurity Generative AI LLM
1 day, 20 hours ago

You're on a roll! Sign up now to keep applying.

Sign Up

Already have an account? Log in

Used by 14,729+ remote workers