- Continuously evolve Kentik’s secure SDLC strategy, defining security and privacy standards from design through deployment in partnership with key stakeholders.
- Design and implement automated security guardrails in CI/CD pipelines to detect vulnerabilities, dependency risks, and misconfigurations in real time.
- Lead the analysis and resolution of complex, high-risk, or systemic vulnerabilities, partnering with engineers to design durable fixes and reusable security patterns.
- Lead threat management automation capabilities by designing automated detections, response playbooks, and escalation paths.
- Be part of security operations by responding to security alerts/incidents and continuously improving response effectiveness through automation and post-incident learnings.
- Manage and evolve bug bounty and penetration testing programs in partnership with internal and external stakeholders.
- Design, build, and maintain internal security tools, platforms, and frameworks used broadly across the engineering organization.
- Act as a trusted security advisor to engineering and product teams, providing practical guidance during design reviews, architectural discussions, and roadmap planning.
- Drive security adoption through collaboration rather than gatekeeping, helping teams make informed risk-based decisions.
- Drive security and privacy awareness across the organization by delivering role-specific training, secure design guidance, and ongoing education.
AWSNode.jsPython+5 more