Senior Information Security Engineer

Summary

Join Accela as a Senior Information Security Engineer and focus on identifying, analyzing, and mitigating application security vulnerabilities across Azure-hosted environments. Support engineering teams in remediation efforts, maintain vulnerability management processes, and provide strategic guidance on secure development practices. Serve as a key resource in application security, ensuring alignment with OWASP standards and container security best practices. Analyze results from SAST, DAST, and SCA tools, and deliver actionable remediation guidance. Collaborate with developers to resolve vulnerabilities and promote secure coding practices. Conduct threat modeling and application-level risk assessments.

Requirements

• 8+ years in information security, including 4+ years in application security
• 3+ years of experience in cloud environments (Azure or AWS), with a focus on application and container security
• Deep knowledge of SAST, DAST, and SCA tools and remediation strategies
• Strong grasp of OWASP Top 10, SANS Top 25, and secure development principles
• Proven ability to guide engineering teams through vulnerability remediation
• Excellent analytical and communication skills
• Experience with threat modeling and risk assessment

Responsibilities

• Analyze results from SAST, DAST, and SCA tools, and deliver clear, actionable remediation guidance to engineering teams
• Collaborate with developers to resolve vulnerabilities and promote secure coding practices
• Develop and maintain security guidelines aligned with OWASP Top 10, SANS Top 25, and other leading frameworks
• Conduct threat modeling and application-level risk assessments
• Provide expertise on container security in Azure, including secure configurations and runtime protections
• Track and manage remediation efforts to ensure timely resolution of vulnerabilities
• Build and maintain robust vulnerability management processes for Azure-hosted applications and services
• Partner with DevOps to embed security controls into CI/CD pipelines
• Create security documentation such as remediation playbooks and advisory reports
• Lead penetration testing initiatives and coordinate follow-up actions
• Support incident response efforts related to application vulnerabilities
• Oversee the organization’s vulnerability management program, ensuring comprehensive coverage and effective risk mitigation

Preferred Qualifications

• Bachelor’s or Master’s degree in Computer Science, Information Security, or related field
• Familiarity with Azure DevOps, GitHub, and CI/CD tools
• Relevant certifications such as CISSP, CEH, or Azure Security credentials

Benefits

• Flexible time off
• Comprehensive medical, dental, and vision plans
• Family planning benefits
• 401(k) retirement savings plan with company match
• Health savings account with company contributions
• Flexible spending account
• Life, accident, and disability coverage
• Business travel insurance
• Employee assistance programs
• Other well-being benefits
• Annual bonus target