DevSecOps Engineer
Authentic8Salary not specified
Full Time
Mid-level (3 to 4 years), Senior (5 to 8 years)
Not SpecifiedCompensation
Senior (5 to 8 years), Expert & Leadership (9+ years)Experience Level
Full TimeJob Type
UnknownVisa
FintechIndustries
Requirements
- Proven, senior experience as a Cyber Security Engineer or similar role
- Hands-on experience implementing and managing security tooling within CI/CD pipelines
Responsibilities
- Work directly with engineering teams to embed security best practices throughout the SDLC
- Implement, maintain, and tune DevSecOps tools and pipelines (SAST, DAST, SCA) to automatically identify and remediate security flaws in code and infrastructure
- Conduct and facilitate threat modelling sessions for new features and systems to proactively identify design-level risks
- Triage, validate, and track vulnerabilities identified across applications and infrastructure, driving efficient remediation efforts
- Provide technical advice on the secure design and configuration of our cloud environment (AWS/GCP) and associated technologies (Kubernetes, GitOps, Snowflake, Vault)
- Execute vendor security assessments and due diligence reviews for new and existing third-party suppliers, maintaining required documentation for the Vendor Governance Forum
- Assist the team in achieving and maintaining compliance with key regulatory and industry frameworks, including GDPR, ISO 27001, SOC2, and PCI DSS, by gathering evidence and documenting controls
- Help translate high-level security policies into practical, actionable security standards and control requirements for engineering teams
- Document and track identified risks from AppSec, vendor reviews, and operations, ensuring they are accurately captured and reported
- Support the delivery of security awareness and training programs tailored for technical and non-technical staff
Skills
Key technologies and capabilities for this role
Questions & Answers
Common questions about this position
Is this a remote or hybrid role?
This is a hybrid role.
What are the main responsibilities of the Staff Cyber Security Engineer?
The role involves securing development through Application Security and DevSecOps practices like implementing SAST/DAST/SCA tools, threat modeling, vulnerability management, and security architecture advice, as well as supporting GRC activities such as vendor security reviews.
What skills and experience are required for this position?
Key skills include hands-on experience with DevSecOps tools (SAST, DAST, SCA), threat modeling, vulnerability management, security architecture in AWS/GCP/Kubernetes, and bridging development with security governance for SDLC and GRC compliance.
What is the company culture like at Lendable?
Lendable features small teams of exceptional, relentlessly resourceful people who take ownership, make impactful decisions from day one, and build cutting-edge technology using data, ML, and AI.
What makes a strong candidate for this Staff Cyber Security Engineer role?
A strong candidate is a hands-on engineer who can bridge development teams and security governance, with expertise in Application Security, DevSecOps automation, threat modeling, vulnerability management, cloud security architecture, and GRC support.
Lendtable
Provides credit lines for retirement contributions
About Lendtable
Lendtable helps employees increase their long-term wealth by providing lines of credit for retirement and employee stock purchase plans (ESPP). This service allows employees to contribute to their 401(k) plans or ESPPs without reducing their take-home pay, enabling them to take full advantage of employer matching contributions. The application process is straightforward, and Lendtable earns revenue through fees on the credit extended. The company's goal is to maximize retirement savings for employees of large corporations while keeping their monthly budgets intact.
San Francisco, CaliforniaHeadquarters
2020Year Founded
$22.5MTotal Funding
SERIES_ACompany Stage
Fintech, Financial ServicesIndustries
11-50Employees
Risks
Rising interest rates may increase Lendtable's cost of capital.
Increased competition from fintech startups could erode Lendtable's market share.
Regulatory scrutiny on retirement-focused financial products could impact Lendtable.
Differentiation
Lendtable offers unique credit lines for 401(k) and ESPP contributions.
The company targets employees of Fortune 500 companies for its services.
Lendtable's model allows wealth-building without reducing take-home pay.
Upsides
Increased employer interest in financial wellness boosts demand for Lendtable's services.
SECURE 2.0 Act encourages higher retirement savings, benefiting Lendtable.
Growing ESPP offerings align with Lendtable's focus on stock purchase plans.
Related Jobs
RemoteRemoteSenior Application Security Engineer
M&T BankSalary not specified
- Full Time
- Senior (5 to 8 years), Expert & Leadership (9+ years)
RemoteSecurity Engineer, Cloud Security
Red Cell PartnersSalary not specified
- Full Time
- Senior (5 to 8 years), Expert & Leadership (9+ years)
RemoteSenior Security Engineer
BraceSalary not specified
- Full Time
- Senior (5 to 8 years)
RemoteSecurity Architect
EarnestSalary not specified
- Full Time
- Expert & Leadership (9+ years)
RemoteSenior Platform Security Engineer
Imagine PediatricsSalary not specified
- Full Time
- Senior (5 to 8 years)
RemoteSenior Security Engineer, Application Security
1PasswordSalary not specified
- Full Time
- Senior (5 to 8 years)
RemoteSecurity Engineer, Infrastructure Security
OpenAI$292,500 - $405,000/year
- Full Time
- Junior (1 to 2 years)