CrawlJobs Logo

Senior Security Engineer SDLC

https://www.ledger.com Logo

Ledger

Location Icon

Location:
France , Paris

Category Icon
Category:
IT - Software Development

Job Type Icon

Contract Type:
Not provided

Salary Icon

Salary:

Not provided
Save Job
Save Icon
Apply Position

Job Description:

You will be part of our Security team and your responsibility will be to define and promote secure software development best practices across our engineering team and help ensure compliance with internal and external security standards and requirements.

Job Responsibility:

  • Define, document and promote secure software development practices across Ledger’s engineering teams
  • Build and maintain security tooling to support automated analysis, vulnerability detection, and enforcement of secure coding standards
  • Drive the adoption of security checks and controls in the CI/CD pipeline (e.g. linters, SAST, dependency scanning)
  • Own and improve our quorum-based release security process, ensuring that only reviewed, signed, and approved builds can be released to production
  • Provide guidance and support to developers on secure design and implementation decisions
  • Contribute to the definition and implementation of internal security standards, guidelines, and checklists
  • Partner with the Product Security, Donjon, and Software teams to ensure security is a shared responsibility throughout the SDLC
  • Monitor industry trends and adapt internal practices to evolving threats and technologies
  • Help ensure compliance with internal and external security requirements (e.g. certifications, audits)

Requirements:

  • Strong experience with secure software development processes and practices (e.g. threat modeling, secure coding, security testing)
  • Practical experience implementing and managing security tooling in a CI/CD environment
  • Experience writing or maintaining security-related documentation and standards
  • Familiarity with modern software delivery practices (e.g. GitOps, infrastructure as code)
  • A pragmatic mindset focused on enabling developers rather than blocking them
  • Prior experience working with or managing secure release models is a plus
  • Good understanding of risk assessment and software architecture security
  • Proficiency in scripting and automation (Python, Bash, etc)
  • Familiarity with code analysis tools (linters, SAST, dependency scanners like Snyk or Trivy)
  • Understanding of common software vulnerabilities (e.g. OWASP Top 10) and how to prevent them
  • Experience with GitHub workflow and build systems
  • Knowledge of secure release workflows (signing, approvals, reproducible builds)
  • Experience in C, Rust, Scala, or embedded environments is a plus
  • Basic knowledge of cryptography and secure communications protocols is a plus

Nice to have:

  • Prior experience working with or managing secure release models
  • Experience in C, Rust, Scala, or embedded environments
  • Basic knowledge of cryptography and secure communications protocols
What we offer:
  • Equity: Employees are the foundation of our success, and we award stock options so you can share in that success as we grow
  • Flexibility: A hybrid work policy
  • Social: Annual company outing for Ledgerdary Days, plus frequent social events, snacks and drinks
  • Medical: Comprehensive health insurance policy offering extensive medical, dental and vision care coverage
  • Well-being: Personal development, coaching & fitness with our dedicated partners
  • Vacation: Five weeks of paid leave per year, in addition to national holidays and rest & relaxation (RTT) days
  • High tech: Access to high performance office equipment and gadgets, including Apple products
  • Transport: Ledger reimburses part of your preferred means of transportation
  • Discounts: Employee discount on all our products

Additional Information:

Job Posted:
April 24, 2025

Employment Type:
Fulltime
Work Type:
Hybrid work
Icon
Ledger - All Job Offers
Job Link Share:
Copy Link Icon
Facebook Icon Twitter Icon LinkedIn Icon

Looking for more opportunities? Search for other job offers that match your skills and interests.

Briefcase Icon

Similar Jobs for Senior Security Engineer SDLC

Senior Security Engineer

Kensho is S&P Global’s hub for AI innovation and transformation. With expertise ...
Location
Location
United States , New York; Cambridge
Salary
Salary:
160000.00 - 190000.00 USD / Year
kensho.com Logo
Kensho Technologies
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Five or more years of experience as a security engineer
  • Experience securing modern web applications and distributed data infrastructure in a cross-team setting
  • Prior experience working with enterprise security technologies such as WAF, CSPM, OAuth2, and SIEM
  • Strong understanding of cryptography and current best practices
  • Experience with penetration testing tools, techniques and methodologies and understanding of common vulnerabilities and remediation strategies
  • Three or more years experience writing code in Python, Javascript, Java, or Go
  • Experience conducting or facilitating IT security audits
  • Familiarity with security models for cloud providers such as AWS, Azure and GCP
  • Familiarity with core networking concepts and standard protocols such as TCP, UDP, and HTTP
Job Responsibility
Job Responsibility
  • Implement security frameworks to ensure Kensho maintains a security envelope aligned with S&P Global standards
  • Developing and updating security plans: Planning and managing security projects and initiatives
  • Emergency response: Demonstrating excellent surveillance and emergency response skills
  • Identifying and mitigating security vulnerabilities: Perform static and dynamic vulnerability assessments and incorporate tools in the SDLC using commercial and open source tools
  • Implementing de-escalation techniques: Prioritizing training in de-escalation techniques to effectively deal with conflicts
  • Maintain a GenAI security posture: Help establish and enable a GenAI security posture at an enterprise scale and have complete oversight of the AI Accelerator Security program
  • Risk assessment and management: Spotting risky behaviors and configurations in critical infrastructure components to stop network intrusions and preempt cyberattacks
  • Auditing policies and controls continuously: Driving the cybersecurity process forward by regularly auditing the policies and controls in place
  • Building a vulnerability management program: Ensuring that people in the organization continuously check for known vulnerabilities and take appropriate steps to remediate them
  • Design and implement security controls and processes across Kensho and provide monitoring to ensure compliance
What we offer
What we offer
  • Medical, Dental, and Vision insurance
  • 100% company paid premiums
  • Unlimited Paid Time Off
  • 26 weeks of 100% paid Parental Leave (paternity and maternity)
  • 401(k) plan with 6% employer matching
  • Generous company matching on donations to non-profit charities
  • Up to $20,000 tuition assistance toward degree programs, plus up to $4,000/year for ongoing professional education such as industry conferences
  • Plentiful snacks, drinks, and regularly catered lunches
  • Dog-friendly office (CAM office)
  • Bike sharing program memberships
  • Fulltime
Read More
Arrow Right

Senior Security Engineer

As a Senior Security Engineer, you will play a crucial role in safeguarding Dash...
Location
Location
France , Paris
Salary
Salary:
Not provided
dashlane.com Logo
Dashlane
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Familiarity with application security best practices, including threat modeling
  • Experience operating within an SDLC program
  • An understanding of CI/CD pipelines and their security implications
  • Familiarity in Identity and Access Management (IAM) frameworks and protocols (Passkeys, SAML, OAuth, SCIM, etc)
  • Interest in enabling secure use of AI tools to drive efficiency, creativity, and impact internally
  • Communication & Collaboration: You engage and listen empathetically to others, adjusting your communication style to fit the audience and message.
  • Mentoring: You enjoy using your knowledge and experience to support and uplevel those around you.
  • Motivated Learner: You learn new technologies and processes quickly, and understand where to look for knowledge when you need it.
  • Adaptability: You are a jack or jane of all trades - you’re comfortable digging into non-technical parts of the business to provide security support and guidance.
Job Responsibility
Job Responsibility
  • Help drive the continuous improvement of Dashlane’s security program across the product and company
  • Assist with architecture design reviews, threat modeling, and technical security assessments of Dashlane’s product (application and infrastructure) to identify security risks and provide mitigation guidance
  • Ensure security best practices are integrated throughout the software development lifecycle (SDLC)
  • Build upon and scale Vulnerability Management to ensure the team can track, analyze, and manage vulnerabilities and their remediation
  • Perform risk assessments of Dashlane’s internal systems, environments, assets, and data, and implement security best practices accordingly
  • Participate in Compliance and Incident Response activities
What we offer
What we offer
  • Flex Benefits - monthly amount to be allocated to a pool of benefits of your choice.
  • Health insurance covered by Dashlane.
  • Extended time off and well-being days - add 5 days to you vacation quota, plus your birthday day off, and 4 extra days (one per quarter) to acknowledge the importance of your wellbeing.
  • Equal Parental leave - regardless of gender, up to 20 weeks fully paid leave to take care of their new baby, within the first year of birth or adoption.
  • Mentorship program - select your mentor from our internal pool and continue your learning path!
  • Flexible working hours - depending on the role, determine a schedule that fits your need, in alignment with your manager.
  • Donation matching program - give back to the community and support actions that lead to positive social impact under the historically marginalized communities. Every donation will be matched by Dashlane.
  • Mental health services through Spring Health for you and for you and family members.
  • Team buildings & seasonal social events.
  • Weekly lunch in the office and monthly happy hour and much more.
  • Fulltime
Read More
Arrow Right

Senior Application Security Engineer

This role involves embedding security into software delivery pipelines, designin...
Location
Location
India , Bangalore
Salary
Salary:
Not provided
https://www.hpe.com/ Logo
Hewlett Packard Enterprise
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5–8+ years of experience in Application Security, Product Security, or Secure Software Development
  • hands-on experience securing software delivery pipelines (CI/CD) and source code repositories (GitHub, GitLab, Jenkins)
  • knowledge of supply chain security frameworks and controls (e.g., SLSA, NIST SSDF)
  • familiarity with secrets management, artifact signing (Sigstore, Cosign), and build integrity practices
  • hands-on experience with WAF tuning, API security controls, and vulnerability remediation
  • proficiency with one or more programming languages (Python, Java, Go, JavaScript/Node.js)
  • experience with SAST, DAST, SCA, and container image scanning tools
  • cloud security experience with AWS, Azure, or GCP
  • deep understanding of OWASP Top 10 (Web + API), CWE, and secure coding practices
Job Responsibility
Job Responsibility
  • secure SDLC & DevSecOps integration
  • design and implement security controls for build and release pipelines (GitHub Actions, Jenkins, GitLab, Azure DevOps)
  • ensure code integrity via signing, artifact scanning, and build provenance
  • automate SAST, DAST, SCA, and container image scanning as part of the software delivery pipeline
  • identify and remediate misconfigurations in pipeline environments and access control
  • design, implement, and monitor WAF rules and API protections
  • perform API risk assessments
  • champion secure design patterns
  • conduct secure code reviews and support automation of testing pipelines
  • triage, prioritize, and track security issues identified in code, pipelines, and deployed environments
What we offer
What we offer
  • comprehensive suite of benefits that supports physical, financial and emotional wellbeing
  • programs catered to helping you reach career goals
  • inclusive work environment
  • Fulltime
Read More
Arrow Right

Principal Security Engineer

We’re building a world-class global Security team as part of our Trust Program. ...
Location
Location
India , Hyderabad
Salary
Salary:
Not provided
highspot.com Logo
Highspot
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 10+ years of robust, progressive experience in security engineering, application security, DevSecOps, incident detection and response, or closely related fields
  • Advanced proficiency in at least one programming language (Python, Ruby, Go, Rust, JavaScript), with deep experience conducting detailed code reviews and security assessments across multiple languages
  • Hands-on experience with deploying, operating, and interpreting results from security tools such as static analyzers, web vulnerability scanners, supply chain analysis scanners, and host-based intrusion detection systems
  • Demonstrated experience mentoring, coaching and guiding junior and mid-level security engineers, contributing to a strong team culture, and supporting peer development as a senior individual contributor
  • Demonstrated proactive approach, strong continuous learning orientation, and curiosity about emerging threats, security trends, and innovative technologies
  • Extensive expertise securing cloud-native environments (AWS, Azure, GCP, containers, microservices), with in-depth knowledge of modern cloud security risks and defenses
  • Demonstrated ability to embrace being wrong, practice humility, continuously learn from experiences, and actively seek insights through thoughtful questioning and collaboration
Job Responsibility
Job Responsibility
  • Lead comprehensive application security assessments, advanced threat modeling sessions, and secure code reviews across critical product features, internal tooling, endpoints, and third-party integrations
  • Collaborate strategically with product engineering to establish and enhance secure-by-default and privacy-by-design practices within the software development lifecycle (SDLC)
  • Lead and otherwise participate in incident detection, investigation, triage, containment, and root cause analysis for high impact security incidents, providing mentorship and guidance to junior engineers as required
  • Drive the development and continuous improvement of sophisticated detection rules, response automation, and optimized alert management across cloud environments, corporate infrastructure, and SaaS platforms
  • Lead and participate in complex vulnerability remediation processes, and effectively respond to security issues discovered by both internal teams and external sources
  • Document technical findings and strategic decisions in a clear and accessible manner, and procedural enhancements
  • significantly contribute to comprehensive security playbooks and knowledge repositories
  • Manage and oversee asksecurity@ request handling, and actively participate in sprint-based security activities, balancing strategic and tactical execution
  • Actively participate in the security on-call rotation, or provide senior-level guidance as required during an event and aid in rapid response capabilities to protect our 24x7 platform and global workforce
  • Fulltime
Read More
Arrow Right

Senior DevOps Engineer

We are seeking a highly skilled Senior DevOps Engineer to help us integrate secu...
Location
Location
United States , Menlo Park
Salary
Salary:
168961.00 - 190081.00 USD / Year
billiontoone.com Logo
BillionToOne
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s degree in Computer Science, Engineering, or related field or equivalent relevant years of experience
  • 6–10 years of experience in DevOps, DevSecOps, or related roles
  • Deep expertise with AWS cloud services and cloud-native security tools
  • Proficiency with container orchestration (Kubernetes, Docker)
  • Strong scripting/programming skills (Python, Bash, or Go)
  • Experience with version control tools (Git, Bitbucket, SVN, or CVS)
  • Solid background in Linux and Windows administration, networking, databases, and data center operations
  • Strong understanding of security protocols and secure system design
  • Excellent problem-solving, troubleshooting, and communication abilities—able to clearly and concisely express multifaceted technical concepts
  • Demonstrated ability to work independently with minimal oversight while driving projects to completion
Job Responsibility
Job Responsibility
  • AWS Infrastructure Management: Design, build, and maintain scalable, secure infrastructure on AWS, leveraging services like EC2, ECS/EKS, Lambda, RDS, S3, VPC, IAM, and Route 53
  • Infrastructure as Code (IaC): Automate provisioning and management using Terraform, CloudFormation, or Ansible
  • ensure infrastructure is defined, versioned, and secured according to best practices
  • CI/CD Pipeline Security: Implement and secure continuous integration and deployment pipelines, ensuring security in every stage from development through production
  • Security Integration: Integrate security practices into the development lifecycle—baking in secure coding, vulnerability monitoring, and automated controls across the SDLC
  • Monitoring & Observability: Develop and maintain dashboards and alerts using DataDog, AWS CloudWatch, CloudTrail, GuardDuty, and Config
  • track vulnerabilities, incidents, and system performance
  • Day-to-Day Operations: Support user account management, troubleshooting, and system monitoring to ensure uptime and reliability
  • Collaboration: Partner with development, operations, and security teams to define and enforce security best practices, policies, and procedures
  • Incident Response: Assist with detection, analysis, and response efforts to resolve issues quickly and thoroughly
What we offer
What we offer
  • Working alongside brilliant, kind, passionate and dedicated colleagues, in an empowering environment, toward a global vision, striving for a future in which transformative molecular diagnostics can help millions of patients
  • Open, transparent culture that includes weekly Town Hall meetings
  • The ability to indirectly or directly change the lives of hundreds of thousands patients
  • Multiple medical benefit options
  • employee premiums paid 100% of select plans, dependents covered up to 80%
  • Extremely generous Family Bonding Leave for new parents (16 weeks, paid at 100%)
  • Supplemental fertility benefits coverage
  • Retirement savings program including a 4% Company match
  • Increase paid time off with increased tenure
  • Latest and greatest hardware (laptop, lab equipment, facilities)
  • Fulltime
Read More
Arrow Right

Application Security Engineer II

In this role, you will support Rackspace's application security program by imple...
Location
Location
India
Salary
Salary:
Not provided
rackspace.com Logo
Rackspace
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 2-4 years in the information security field
  • Experience working with application security, security testing, or DevSecOps practices
  • Working knowledge of the SDLC, security concepts, and vulnerability assessment methodologies
  • Hands-on experience with or understanding of programming and scripting languages including one or more of the following: Python, Java, Node.js, Go, Ruby, PHP
  • databases such as SQL
  • and related tools such as Github, Gitlab, Jenkins, and CircleCI
  • Understanding of common vulnerabilities, remediation approaches, and industry-standard classification schemes (CVE, CWE, CVSS, OWASP Top 10)
  • Familiarity with relevant compliance regulations, such as PCI-DSS, ISO 27001, SOC 2, or HIPAA
  • Passion for security and eagerness to learn about new technologies and emerging security vulnerabilities
  • Strong communication skills with the ability to work collaboratively across teams
Job Responsibility
Job Responsibility
  • Execute application security testing using both automated tools and manual testing techniques on web applications, APIs, containers, and other software components
  • Configure, maintain, and operate SAST, DAST, and other application security testing tools
  • Analyze and triage security findings, documenting clear remediation guidance for development teams
  • Support the vulnerability reporting process and track findings through to resolution
  • Assist with triage and validation of external vulnerability disclosures and bug bounty reports
  • Contribute to the development and documentation of application security processes and standards
  • Participate in security code reviews and threat modeling exercises
  • Help track and report metrics for application security program health
  • Collaborate with development and DevOps teams to integrate security into CI/CD pipelines
  • Stay current with application security trends, tools, and best practices
  • Fulltime
Read More
Arrow Right

Senior QA Engineer

We are seeking Senior Developer in Test who will be leading Quality and Customer...
Location
Location
United States , Aguadilla
Salary
Salary:
Not provided
https://www.hpe.com/ Logo
Hewlett Packard Enterprise
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's or master's degree in computer science, engineering, information systems, or closely related quantitative discipline
  • Typically, 7-10 years’ experience
  • Knowledge of complete SDLC and experience in software testing methodology, tools, test planning and test execution
  • Strong coding skills
  • Strong troubleshooting and analytical skills for performing root cause analysis
  • Ability to effectively work with stakeholders in multiple engineering teams for defect investigation, root cause analysis, and implementation of corrective/preventative actions
  • Knowledge of tools and processes for regression, scale, and performance testing
  • Ability to write clear test specifications
  • Experience working in continuous integration and continuous delivery
  • Self-motivated with excellent verbal and written communication skills
Job Responsibility
Job Responsibility
  • Understand, participate, provide input for Software Development Life Cycle (SDLC) process improvements
  • Bring expertise regarding execution and automation of long running, scale, reliability, and security test cases
  • Collaborate with other cross-functional teams including but not limited to Product Management, Customer Support and Platform engineering
  • Provide executive level communications regarding progress on improvement initiatives and track projects in JIRA and Confluence
  • Influence significant product and service quality and customer experience improvement through SDLC process improvements and standardization
  • Provide guidance and mentoring to new hires joining the team
What we offer
What we offer
  • Health & Wellbeing
  • Personal & Professional Development
  • Unconditional Inclusion
  • Fulltime
Read More
Arrow Right

Senior DevOps / Developer Engineer

We are seeking DevOps / Developer Engineer who will be leading initiatives acros...
Location
Location
Puerto Rico , Aguadilla
Salary
Salary:
Not provided
https://www.hpe.com/ Logo
Hewlett Packard Enterprise
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's or master's degree in computer science, engineering, information systems, or closely related quantitative discipline
  • Typically, 4-7 years’ experience
  • Strong experience in Software Development, DevOps, SDLC tool administration
  • Experience in software testing methodology, tools, test planning and test execution
  • Strong understanding of end-to-end SDLC processes in cloud environments (AWS, Azure, GCP)
  • Hands-on experience with tools like Jira, Confluence, GitHub/GitLab, Jenkins, Azure DevOps, ServiceNow, etc.
  • Proven experience in tool rationalization, consolidation, or enterprise-scale SDLC transformations
  • Excellent project management and stakeholder engagement skills
  • Strong problem-solving and analytical skills
  • Strong troubleshooting and analytical skills for performing root cause analysis
Job Responsibility
Job Responsibility
  • Understand, participate, provide input for functional and design specs and other design documentation
  • Execute and automate long running, scale, reliability, and security testcases and report the results
  • Evaluate existing SDLC tools used across cloud-based development teams (e.g., Jira, GitHub/GitLab, Jenkins, Azure DevOps, etc.)
  • Identify redundancies, gaps, and inefficiencies in tool usage and propose a streamlined toolchain
  • Define and drive the implementation roadmap for tool consolidation and integration
  • Collaborate with cross-functional stakeholders to gather requirements and align on standard toolsets
  • Ensure consolidated SDLC tools support agile, CI/CD, DevSecOps, and cloud-native development practices
  • Develop standard operating procedures, workflows, and governance policies for tool usage
  • Facilitate change management, including user training and support during the transition
  • Track and report KPIs related to tool usage, process efficiency, and software delivery quality
What we offer
What we offer
  • Health & Wellbeing
  • Personal & Professional Development
  • Unconditional Inclusion
  • Fulltime
Read More
Arrow Right
Jobs by Category
Art and Entertainment Jobs Banking Jobs Call Center Jobs Construction Jobs Consulting Jobs Customer Service Jobs Education Jobs Energy Jobs Finance Jobs Gastronomy Jobs Health and Beauty Jobs Hospitality and Tourism Jobs Human Resources Jobs Insurance Jobs IT - Administration Jobs IT - Software Development Jobs Legal Jobs Logistics Jobs Manufacturing Jobs Marketing, Digital Marketing, SEO, SEM Jobs Media Jobs Nursing Jobs Office Administration Jobs Pharmacy Jobs Physical Work Jobs Public Relations Jobs Public Sector Jobs Purchasing Jobs Quality Control Jobs Real Estate Jobs Research and Development Jobs Sales Jobs
Job Positions Jobs by Country
United States Jobs United Kingdom Jobs India Jobs Canada Jobs Australia Jobs Ireland Jobs Germany Jobs Poland Jobs
Company
Blog About Us Contact
Follow Us
Facebook
X (Twitter)
LinkedIn
Instagram
© 2026 CrawlJobs Ltd. All Rights Reserved
Terms & Conditions Privacy Policy