You have opted out of job matches in .
To undo this, go to the 'Skills and Interests' section of your preferences.
Shared by 
2 days ago
Requirements and responsibilities
Key Responsibilities Security in the SDLCOwn and enforce DevSecOps practices across CI/CD pipelines (SAST, DAST, SCA, and other practices)Integrate automated security tooling into development workflows; reduce manual security gatesPartner with development teams to perform secure code reviews and threat modelingVulnerability & Risk ManagementDrive vulnerability identification, triage, and remediation across infrastructure and applicationsManage security tooling stackProduce and maintain a risk register; track remediation SLAsPenetration Testing, crowd testing & Incident ResponseLead or coordinate internal/external penetration testing cyclesManage crowd testing campaignsDevelop and maintain an incident response playbook; support incident investigationsCompliance & GovernanceSupport compliance with SOC 2, ISO 27001, GDPR, and relevant data protection frameworksDefine and enforce security policies, standards, and developer security trainingLeadership & CollaborationAct as the primary security SME for the engineering organizationMentor developers on secure coding practices; build a security-first engineering cultureInterface with external auditors, clients, and the executive team on security postureRequirements5+ years of experience in application security, or security engineeringDemonstrated experience managing security in software development environments (not just ops/infrastructure)Strong development background, proficiency in at least 1 language (eg: Python, Go, Java, C#)Hands on experience with CI/CD security tooling (SAST/DAST/SCA integration, secrets management)Experience with cloud security (AWS, Azure, or GCP) and container security (Docker, Kubernetes)Familiarity with SOC 2 or ISO 27001 compliance frameworksExcellent English communication skills (written and verbal)Preferred/Nice to HavePenetration testing experience or relevant certification (OSCP, CEH, GPEN)Security certifications (CISSP, CSSLP, AWS Security Specialty, or similar)Experience at a B2B SaaS or cybersecurity product companyFamiliarity with insider threat, DLP, or endpoint security product domainsAbout UsAt Teramind, we're pioneering a predictive, AI-driven approach to safeguarding organizations' people, data, and operations. As a global leader in user behavior analytics, insider risk management, and workforce intelligence, we empower businesses to transform data into a strategic asset - delivering clear visibility, control, and proactive protection across digital environments.We're open to hiring in just about every country in the world! Feel free to apply even if you don't live in the country listed in the job description.BenefitsThis is a remote job. Work from anywhere! We’ve been thriving as a fully-remote team since 2014. To us, remote work means flexibility and having truly diverse, global teams.Additionally:Competitive compensationFlexible paid time offLaptop reimbursementOngoing training, development, and career growth opportunitiesWe use an open stack of technologies, so you have the chance to learn and evolveHigh complexity of problems to solve, with active feature development - not just bugs & refactoringCollaboration with a forward-thinking team where new ideas come to life, experience is valued, and talent is incubated. You can make an impact quickly.About our recruitment processWe don’t expect a perfect fit for every requirement we’ve outlined. If you can see yourself contributing to the team, we want to hear your story. You can expect up to 3 interviews, including a live coding component. In some scenarios, we’re able to streamline the process to have minimal rounds. Director-level roles and above should expect a more thorough process, with multiple rounds of interviews.All roles require reference and background checks
Optionally, you can add more information later (benefits, pre-screening questions, etc.)