Verticalmove, Inc
Senior & Lead Application Security Engineer (Santa Clara)
Verticalmove, Inc, Santa Clara, California, United States, 95053
ATTN - PLEASE READ CAREFULLY: WE CAN NOT SPONSOR NEW VISAS OR TRANSFER EXISTING VISAS. AT THIS TIME WE'RE ONLY CONSIDERING US CITIZENS OR GC HOLDERS.
WERE LOOKING FOR SOMEONE WHO HAS SIGNIFICANT APPLICATION SECURITY EXPERIENCESOMEONE WHO HAS DESIGNED SECURE ARCHITECTURES, IMPLEMENTED CONTROLS ACROSS THE SDLC, AND PROACTIVELY IDENTIFIED AND MITIGATED VULNERABILITIES IN LARGE-SCALE DISTRIBUTED SYSTEMS.
THE SUCCESSFUL CANDIDATE SHOULD ALSO HAVE A STRONG TRACK RECORD OF PARTNERING WITH ENGINEERING TEAMS TO IMPROVE OVERALL SECURITY POSTURE THROUGH ARCHITECTURAL GUIDANCE, SECURE CODING BEST PRACTICES, AND CONTINUOUS SECURITY EDUCATION.
Picture a company redefining how life sciences harness data
one that turns the noise of fragmented scientific systems into the clarity that accelerates discovery, development, and ultimately, human progress.
This
Scientific Data Cloud pioneer
has built a cloud-native ecosystem engineered specifically for the life sciences, connecting laboratory instruments, informatics systems, and analytics applications into a single, intelligent network. The result: harmonized, actionable scientific data that transforms R&D velocity and precision across discovery, development, and manufacturing.
Trusted by the worlds leading biopharma innovators, their open platform serves as the digital nervous system for scientific operations
empowering researchers and partners to unlock insights at unprecedented scale.
Think of it as
the Palantir of Life Sciences
designed not just to visualize complexity, but to
ingest and process petabytes of scientific data
through
advanced taxonomies and ontologies
that bring structure, context, and meaning to an otherwise chaotic scientific landscape.
Through deep collaborations with global leaders in cloud computing and AI, this company is building the foundation for a new era of
Scientific Intelligence
one where every experiment, every dataset, and every discovery is connected, contextualized, and exponentially more powerful than before.
Senior & Lead Application Security Engineers
Were looking for a hands-on Product Security Technical Lead to drive the design, implementation, and evolution of our security engineering program. Youll lead a team of Security Engineers focused on hardening our SaaS and data platforms by breaking things before attackers do
identifying vulnerabilities, building secure infrastructure, and integrating protection across our CI/CD pipelines.
This role demands deep technical expertise across AWS, Python, and application & cloud security, along with a hackers curiosity and a builders discipline.
Why This Role:
Youll have complete ownership of product and cloud security from architecture to execution.
Youll lead by doing
hacking, breaking, and building resilient systems.
Be part of a company where security isnt an afterthought
its a product feature.
Job Responsibilities
Own and evolve the organizations entire application security posture, with a focus on application and cloud security across all product lines.
Perform offensive and defensive security assessments
threat modeling, code review, penetration testing, and vulnerability exploitation.
Build and integrate automated security tooling (SAST, DAST, dependency scanning, IaC scanning) into CI/CD pipelines.
Develop security automation and internal tooling using Python, Bash, or Go.
Partner with Engineering, DevOps, and Infrastructure teams to ensure secure AWS architectures (VPC, IAM, KMS, GuardDuty, CloudTrail, WAF).
Oversee incident response and root cause analysis for product and infrastructure-level security events.
Define and enforce secure coding standards, and lead threat modeling sessions for critical features and services.
Continuously hunt for vulnerabilities, test assumptions, and break things safely to strengthen the platform.
Preferred Qualifications:
Certifications such as AWS Certified Security
Specialty, OSCP, or CISSP.
Experience in SaaS, Big Data, or high-scale distributed environments.
Knowledge of MITRE ATT&CK, OWASP Top 10, and secure software design principles.
Required Skills & Experience:
8+ years of hands-on experience in Application, Cloud, or Product Security roles, with lead or staff-level responsibilities.
Deep expertise in AWS security architecture and service hardening.
Advanced programming and scripting ability in Python (Bash or Go a plus).
Proven experience with offensive security: hacking, exploit analysis, or red team operations.
Strong foundation in vulnerability management, threat modeling, and incident response.
Proficient with DevSecOps tools and modern CI/CD environments.
Familiarity with container and orchestration security (Docker, Kubernetes, EKS).
Required Education
Bachelor's degree in computer science or another equivalent degree.
WERE LOOKING FOR SOMEONE WHO HAS SIGNIFICANT APPLICATION SECURITY EXPERIENCESOMEONE WHO HAS DESIGNED SECURE ARCHITECTURES, IMPLEMENTED CONTROLS ACROSS THE SDLC, AND PROACTIVELY IDENTIFIED AND MITIGATED VULNERABILITIES IN LARGE-SCALE DISTRIBUTED SYSTEMS.
THE SUCCESSFUL CANDIDATE SHOULD ALSO HAVE A STRONG TRACK RECORD OF PARTNERING WITH ENGINEERING TEAMS TO IMPROVE OVERALL SECURITY POSTURE THROUGH ARCHITECTURAL GUIDANCE, SECURE CODING BEST PRACTICES, AND CONTINUOUS SECURITY EDUCATION.
Picture a company redefining how life sciences harness data
one that turns the noise of fragmented scientific systems into the clarity that accelerates discovery, development, and ultimately, human progress.
This
Scientific Data Cloud pioneer
has built a cloud-native ecosystem engineered specifically for the life sciences, connecting laboratory instruments, informatics systems, and analytics applications into a single, intelligent network. The result: harmonized, actionable scientific data that transforms R&D velocity and precision across discovery, development, and manufacturing.
Trusted by the worlds leading biopharma innovators, their open platform serves as the digital nervous system for scientific operations
empowering researchers and partners to unlock insights at unprecedented scale.
Think of it as
the Palantir of Life Sciences
designed not just to visualize complexity, but to
ingest and process petabytes of scientific data
through
advanced taxonomies and ontologies
that bring structure, context, and meaning to an otherwise chaotic scientific landscape.
Through deep collaborations with global leaders in cloud computing and AI, this company is building the foundation for a new era of
Scientific Intelligence
one where every experiment, every dataset, and every discovery is connected, contextualized, and exponentially more powerful than before.
Senior & Lead Application Security Engineers
Were looking for a hands-on Product Security Technical Lead to drive the design, implementation, and evolution of our security engineering program. Youll lead a team of Security Engineers focused on hardening our SaaS and data platforms by breaking things before attackers do
identifying vulnerabilities, building secure infrastructure, and integrating protection across our CI/CD pipelines.
This role demands deep technical expertise across AWS, Python, and application & cloud security, along with a hackers curiosity and a builders discipline.
Why This Role:
Youll have complete ownership of product and cloud security from architecture to execution.
Youll lead by doing
hacking, breaking, and building resilient systems.
Be part of a company where security isnt an afterthought
its a product feature.
Job Responsibilities
Own and evolve the organizations entire application security posture, with a focus on application and cloud security across all product lines.
Perform offensive and defensive security assessments
threat modeling, code review, penetration testing, and vulnerability exploitation.
Build and integrate automated security tooling (SAST, DAST, dependency scanning, IaC scanning) into CI/CD pipelines.
Develop security automation and internal tooling using Python, Bash, or Go.
Partner with Engineering, DevOps, and Infrastructure teams to ensure secure AWS architectures (VPC, IAM, KMS, GuardDuty, CloudTrail, WAF).
Oversee incident response and root cause analysis for product and infrastructure-level security events.
Define and enforce secure coding standards, and lead threat modeling sessions for critical features and services.
Continuously hunt for vulnerabilities, test assumptions, and break things safely to strengthen the platform.
Preferred Qualifications:
Certifications such as AWS Certified Security
Specialty, OSCP, or CISSP.
Experience in SaaS, Big Data, or high-scale distributed environments.
Knowledge of MITRE ATT&CK, OWASP Top 10, and secure software design principles.
Required Skills & Experience:
8+ years of hands-on experience in Application, Cloud, or Product Security roles, with lead or staff-level responsibilities.
Deep expertise in AWS security architecture and service hardening.
Advanced programming and scripting ability in Python (Bash or Go a plus).
Proven experience with offensive security: hacking, exploit analysis, or red team operations.
Strong foundation in vulnerability management, threat modeling, and incident response.
Proficient with DevSecOps tools and modern CI/CD environments.
Familiarity with container and orchestration security (Docker, Kubernetes, EKS).
Required Education
Bachelor's degree in computer science or another equivalent degree.