• Continuously evolve Kentik’s secure SDLC strategy, defining security and privacy standards from design through deployment in partnership with key stakeholders. Design and implement automated security guardrails in CI/CD pipelines to detect vulnerabilities, dependency risks, and misconfigurations in real time, enabling teams to move fast without sacrificing security. • Lead the analysis and resolution of complex, high-risk, or systemic vulnerabilities, partnering with engineers to design durable fixes and reusable security patterns. This also includes tooling selection, prioritization frameworks, remediation workflows, and developer guidance. • Lead threat management automation capabilities by designing automated detections, response playbooks, and escalation paths. Be part of security operations by responding to security alerts/incidents and continuously improving response effectiveness through automation and post-incident learnings. Manage and evolve bug bounty and penetration testing programs in partnership with internal and external stakeholders. • Design, build, and maintain internal security tools, platforms, and frameworks used broadly across the engineering organization. Focus on scalability, reliability, and developer experience while delivering capabilities such as automated scanning, validation, and security reporting and dashboards. • Act as a trusted security advisor to engineering and product teams, providing practical guidance during design reviews, architectural discussions, and roadmap planning. Drive security adoption through collaboration rather than gatekeeping, helping teams make informed risk-based decisions. • Drive security and privacy awareness across the organization by delivering role-specific training, secure design guidance, and ongoing education. Help foster a culture where security is a shared responsibility embedded into everyday engineering practices.

• Detect and respond to security threats across network, systems, and cloud environments. • Troubleshoot and resolve complex technical issues, performing root cause analysis to prevent future incidents. • Act as an escalation point for unresolved alerts/issues. • Mentor SNOC Engineer I team members and assist with technical development. • Create and improve Standard Operating Procedures (SOPs) and knowledge base documentation. • Collaborate on projects to integrate new technologies and improve reliability. • Support compliance initiatives (CMMC, SOC 2, ISO 27001). • Investigates and responds to complex security alerts (lateral movement, privilege misuse). • Performs root cause analysis and recommends remediation actions. • Maintains and tunes SIEM and EDR detections to improve accuracy. • Supports proactive security initiatives (threat hunting, detection engineering). • Mentors Engineer I in effective triage and investigative techniques. • Collaborates with clients and internal teams on remediation plans.

This description is a summary of our understanding of the job description. Click on 'Apply' button to find out more. Role Description As a Software Engineer you will work with every component of Wraithwatch’s architecture to include: - Ensuring autonomous and smooth construction of advanced digital twin models of networks - Coordinating communication and signaling between backend AI engines and workers - Building data pipelines between Wraithwatch and third party security products - Performing all manner of site reliability operations to ensure our customer deployments are resilient and maintain uptime Qualifications - 4+ years professional experience in building and deploying software or services as part of a corporate or enterprise security engineering team - Deep, hands-on understanding of the current landscape of cybersecurity tools (EDRs, device management, identity, SIEMs, SOARs, XDRs, etc) and experience configuring, tuning, or automating these systems via APIs - Experience implementing or assisting with the implementation of enterprise / corporate security controls such as anti-malware policies, identity and access controls, detection engineering, device management, or similar - Development experience in any modern programming language, including but not limited to Python, Rust, or Go Requirements - Willingness to work extended hours and weekends as needed Company Description Wraithwatch was founded by security engineers from SpaceX, Palantir, and Anduril to build the next generation of AI-powered cyber defense systems for the United States and its allies. We are deployed today to customers spanning Fortune 500, US Federal Government, commercial nuclear, aerospace, defense, maritime, and other emerging technology companies. Our core product is a cyber defense platform utilizing generative artificial intelligence agents to autonomously model a digital twin of an organization's entire IT and cybersecurity environment and analyze it for weaknesses, misconfigurations, and chains of possible attack.

About The Weather Company: The Weather Company is the world’s leading weather provider, helping people and businesses make more informed decisions and take action in the face of weather. Together with advanced technology and AI, The Weather Company’s high-volume weather data, insights, advertising, and media solutions across the open web help people, businesses, and brands around the world prepare for and harness the power of weather in a scalable, privacy-forward way. The world’s most accurate forecaster globally, the company reaches hundreds of enterprise clients and more than 360 million monthly active users via its digital properties from The Weather Channel (weather.com) and Weather Underground (wunderground.com). Job brief: The DevSecOps Engineer will play a key role, working with the core application engineering team and the cybersecurity lead to ensure that all DROP Platform offerings meet security and compliance goals. This position is part of the Department of Defense (DoD) SkillBridge Program. SkillBridge provides active-duty service members the opportunity to gain civilian work experience during their last 180 days of service. Applicants must be active-duty military, within 180 days of separation, and receive approval from their command to participate. The impact you'll make: Set up and automate regular system patching Set up and automate static and dynamic code scanning Set up and automate vulnerability scanning Automate the creation of tickets and the production of evidence from scanning tasks Automate change management processes Build security and compliance dashboards and reports Perform security reviews on build environments and ensure all systems are maintained with the latest patches, and that security best practices are being followed Participate in agile/scrum processes to help ensure that security deliverables are triaged, prioritized, and slipstreamed into product delivery processes Collaborate and coordinate with 3rd party security consultants. Manage audit processes and triage results with the team. What you've accomplished: 5+ years of professional experience as a DevSecOps engineer Deep understanding of build automation processes and tools (GitHub Actions, Vercel, Jenkins, TravisCI) Expertise with container technologies (Docker, Kubernetes, Helm) Experience with different compliance standards (SOC2, CMMC, NIST, ISO) Familiarity with the Department of Defense (DoD) Impact Level 6 Ability to script/code in at least two of the following languages: bash, perl, python, ruby, groovy, JavaScript, PHP Solid understanding and experience with APIs (REST, XML, JSON) Extensive experience with at least one cloud provider (AWS, Azure) Experience with security tooling (Checkmarx, OWASP Zap, Skyk, Dependabot) Familiarity with issue tracking systems, especially JIRA Good communication and organizational skills Self-starter, open to learning new skills and accepting new challenges SkillBridge Eligibility: Active-duty service member within 180 days of separation. Able to obtain command approval to participate. Meets basic qualifications for the role