FreeHire

Anchorage Digital

Member of Technical Staff Security Operations

Show

You will build and maintain security automation and tooling to detect vulnerabilities across code and live systems. You will conduct application security assessments, penetration tests, and code reviews to identify high-risk issues and provide secure development guidance. You will develop and operate vulnerability management workflows, partner with engineering teams to prioritize and remediate findings, and manage the full vulnerability lifecycle. You will monitor and respond to security events and configuration anomalies, lead investigation and containment efforts, and produce assurance artifacts and evidence for regulated requirements. You will document runbooks and post-incident reviews, translate technical findings into actionable guidance, and collaborate with engineering, infrastructure, and compliance teams to embed security into development and operational processes.

Responsibilities

  • Build and maintain security automation and tooling
  • Conduct application security assessments
  • Perform penetration tests
  • Perform code reviews
  • Develop and operate vulnerability management workflows
  • Establish and test security guardrails for code cloud resources and infrastructure
  • Monitor and respond to security events and configuration anomalies
  • Lead investigation and containment efforts
  • Manage the full vulnerability lifecycle from discovery through remediation
  • Deliver assurance artifacts and evidence for regulated requirements
  • Document runbooks and post-incident reviews
  • Communicate security risks and remediation approaches to engineering teams

Requirements

  • 3+ years hands-on experience in security engineering application security penetration testing or security operations
  • Experience building or maintaining security tools integrations or automation using Python Go or similar languages
  • Ability to identify and assess security vulnerabilities in applications APIs and cloud infrastructure
  • Experience with static and dynamic analysis tools such as Semgrep CodeQL Burp Suite or equivalent
  • Knowledge of AWS security fundamentals including IAM VPC security groups and CloudTrail logging
  • Incident response experience including investigation and root cause analysis
  • Computer science fundamentals such as concurrency algorithms and data structures
  • Care about code quality and operational excellence
  • Prioritize security outcomes end-user experience and business value

Benefits

  • Remote friendly work policy
  • Option to work in-office in New York City Sioux Falls Porto Lisbon and Singapore
  • Sponsored quarterly in-person collaboration days