Key Responsibilities Security in the SDLC - Own and enforce DevSecOps practices across CI/CD pipelines (SAST, DAST, SCA, and other practices) - Integrate automated security tooling into development workflows; reduce manual security gates - Partner with development teams to perform secure code reviews and threat modeling Vulnerability & Risk Management Manage security tooling stack - Produce and maintain a risk register; track remediation SLAs Penetration Testing, crowd testing & Incident Response - Lead or coordinate internal/external penetration testing cycles - Manage crowd testing campaigns - Develop and maintain an incident response playbook; support incident investigations Compliance & Governance - Support compliance with SOC 2, ISO 27001, GDPR, and relevant data protection frameworks - Define and enforce security policies, standards, and developer security training Leadership & Collaboration - Act as the primary security SME for the engineering organization - Mentor developers on secure coding practices; build a security-first engineering culture - Interface with external auditors, clients, and the executive team on security posture Requirements: - Demonstrated experience managing security in software development environments (not just ops/infrastructure) - Strong development background, proficiency in at least 1 language (eg: Python, Go, Java, C#) - Hands on experience with CI/CD security tooling (SAST/DAST/SCA integration, secrets management) - Experience with cloud security (AWS, Azure, or GCP) and container security (Docker, Kubernetes) - Familiarity with SOC 2 or ISO 27001 compliance frameworks - Excellent English communication skills (written and verbal) Preferred/Nice to Have - Penetration testing experience or relevant certification (OSCP, CEH, GPEN) - Security certifications (CISSP, CSSLP, AWS Security Specialty, or similar) - Experience at a B2B SaaS or cybersecurity product company - Familiarity with insider threat, DLP, or endpoint security product domains About Us At Teramind, we're pioneering a predictive, AI-driven approach to safeguarding organizations' people, data, and operations. As a global leader in user behavior analytics, insider risk management, and workforce intelligence, we empower businesses to transform data into a strategic asset - delivering clear visibility, control, and proactive protection across digital environments. Benefits This is a remote job. Work from anywhere! We’ve been thriving as a fully-remote team since 2014. To us, remote work means flexibility and having truly diverse, global teams. Additionally: - Competitive compensation - Flexible paid time off - Laptop reimbursement - Ongoing training, development, and career growth opportunities - We use an open stack of technologies, so you have the chance to learn and evolve - High complexity of problems to solve, with active feature development - not just bugs & refactoring - Collaboration with a forward-thinking team where new ideas come to life, experience is valued, and talent is incubated. You can make an impact quickly. About our recruitment process We don’t expect a perfect fit for every requirement we’ve outlined. If you can see yourself contributing to the team, we want to hear your story. You can expect up to 3 interviews, including a live coding component. In some scenarios, we’re able to streamline the process to have mínimal rounds. Director-level roles and above should expect a more thorough process, with multiple rounds of interviews. All roles require reference and background checks Teramind is an equal opportunity/affirmative action employer. All qualified applicants will receive consideration without regard to race, age, religion, color, marital status, national origin, gender, gender identity or expression, sexual orientation, disability, or veteran status._