Sr. Information Security Engineer

Position Overview

• Location Type:
• Job Type:
• Salary:

The Senior Information Security Engineer will focus on identifying, analyzing, and mitigating application security vulnerabilities across Azure-hosted environments. This role is responsible for supporting engineering teams in remediation efforts, maintaining vulnerability management processes for SAST, DAST, and SCA, and providing strategic guidance on secure development practices. The Senior Security Engineer will serve as a key resource in application security, ensuring alignment with OWASP standards and container security best practices.

Specific Responsibilities

• Analyze results from SAST, DAST, and SCA tools, and deliver clear, actionable remediation guidance to engineering teams.
• Collaborate with developers to resolve vulnerabilities and promote secure coding practices.
• Develop and maintain security guidelines aligned with OWASP Top 10, SANS Top 25, and other leading frameworks.
• Conduct threat modeling and application-level risk assessments.
• Provide expertise on container security in Azure, including secure configurations and runtime protections.
• Track and manage remediation efforts to ensure timely resolution of vulnerabilities.
• Build and maintain robust vulnerability management processes for Azure-hosted applications and services.
• Partner with DevOps to embed security controls into CI/CD pipelines.
• Create security documentation such as remediation playbooks and advisory reports.
• Lead penetration testing initiatives and coordinate follow-up actions.
• Support incident response efforts related to application vulnerabilities.
• Oversee the organization’s vulnerability management program, ensuring comprehensive coverage and effective risk mitigation.

Required Qualifications

• 8+ years in information security, including 4+ years in application security.
• 3+ years of experience in cloud environments (Azure or AWS), with a focus on application and container security.
• Deep knowledge of SAST, DAST, and SCA tools and remediation strategies.
• Strong grasp of OWASP Top 10, SANS Top 25, and secure development principles.
• Proven ability to guide engineering teams through vulnerability remediation.
• Excellent analytical and communication skills.
• Experience with threat modeling and risk assessment.

Desired Qualifications

• Bachelor’s or Master’s degree in Computer Science, Information Security, or related field.
• Familiarity with Azure DevOps, GitHub, and CI/CD tools.
• Relevant certifications such as CISSP, CEH, or Azure Security credentials.

About Accela

For nearly 20 years, Accela has been an industry leader in designing and delivering government software to improve efficiency, increase citizen engagement and enable the development of thriving communities. Today, citizens are savvy to how services should be delivered, and expect a consistently convenient, openly transparent view into their local government. While government agencies struggle to do more with less, our mission has never been more critical. Accela provides a robust, cloud-based platform of government software solutions that accelerate growth, efficiency, and transparency in communities of all sizes. From planning, to building, to service request management and more, Accela’s SaaS offerings level the playing field for small and medium governments and enable smaller agencies to leverage larger city technologies. Our open and flexible technology helps agencies address specific needs today, while ensuring they are well prepared for the emerging challenges of the future.

Our Commitment to Diversity, Equity, and Inclusion

Accela believes in developing and nurturing a workplace community where our differences are celebrated, and everyone feels a sense of psychological safety and belonging. Accela is committed to putting resources and attention towards evolving our practices, policies, and philosophies to enable diversity to thrive.