- Company Name: Venusgeo Solutions
- Job Title: Security Engineer
- Job Description:
**Job Title:** Security Engineer
**Role Summary:**
Secure design, development, and delivery of software products through vulnerability assessment, remediation, and automation. Integrate static and dynamic analysis tools into CI/CD pipelines, enforce secure coding practices, and provide AI‑focused security guardrails. Mentor peers and communicate risk posture to stakeholders.
**Expectations:**
- Minimum 8 years of application security or secure software engineering experience.
- Proficient in at least one of Python, Java, JavaScript, or C#.
- At least 3 years of automation development (Python, Java, or PowerShell).
- Local candidate required to work hybrid onsite (Tue‑Thu).
- Strong analytical, communication, and mentoring skills.
**Key Responsibilities:**
- Identify, triage, and remediate vulnerabilities (injection flaws, insecure deserialization, misconfigurations).
- Integrate and maintain SAST and DAST tools (Veracode, GitHub, etc.) within CI/CD workflows (CloudBees, Jenkins, Buddy, UrbanCode).
- Design guardrails for AI‑powered applications (prompt injection, model inversion, data poisoning).
- Develop and enforce secure coding standards with development teams.
- Build and maintain CI/CD pipelines, GitHub Advanced Security features, and DevOps automation (GitHub Actions, Azure DevOps).
- Conduct security assessments, produce actionable recommendations, and maintain documentation.
- Mentor junior engineers and promote security awareness across the organization.
- Work with APIs, endpoints, and databases to create integrated security solutions.
- Utilize IDEs (VS, VS Code, Eclipse) for secure development and debugging.
- Apply container security, infrastructure‑as‑code scanning, and cloud‑native security techniques (AWS, Azure, GCP).
**Required Skills:**
- Deep knowledge of security vulnerabilities across Python, Java, JavaScript, C#.
- Scripting in Python, Java, PowerShell, Shell, Azure CLI, ARM templates.
- Proficiency with OWASP Top 10 and SANS Top 25 vulnerabilities.
- Experience with SAST/DAST solutions (Veracode, GitHub Code Scanning).
- Automation of security checks within CI/CD pipelines (Jenkins, Azure DevOps).
- Familiarity with OWASP Dependency‑Check and third‑party risk tools.
- Strong analytical, troubleshooting, and communication abilities.
**Required Education & Certifications:**
- CompTIA Security+ (or equivalent) mandatory.
- Preferred additional certifications: CISSP, OSCP, GIAC.
- Bachelor’s degree in Computer Science, Information Security, or related field (degree not stated explicitly, but implied education).
Fort Worth, United States
Hybrid
Senior
08-12-2025