
Senior Application Security Engineer – AI, Vulnerability
Posted Jun 15

Posted Jun 15
This is a fully remote position, open to applicants in United Kingdom.
• Take charge of the ongoing operation and maintenance of Samsara’s vulnerability management program, ensuring the consistent execution of processes.
• Assist in the management of vulnerability scanning tools and work on enhancing detection capabilities to boost accuracy and minimize false positives.
• Collaborate closely with the Vulnerability Technical Program Manager to create and disseminate monthly and quarterly compliance reports.
• Work in partnership with engineering teams to monitor and facilitate the remediation of identified vulnerabilities, offering guidance on best practices.
• Help analyze and triage vulnerabilities, escalating critical issues to senior security engineers or the Security Operations team as necessary.
• Engage in security incident investigations pertaining to high-profile vulnerabilities, assisting in data collection and evaluating potential impacts on Samsara’s infrastructure.
• Contribute to the documentation and enhancement of processes to optimize vulnerability management workflows.
• Advocate for Samsara’s cultural principles (Focus on Customer Success, Build for the Long Term, Adopt a Growth Mindset, Be Inclusive, Win as a Team) in daily activities.
• Be available for on-call support regularly.
• Over 6 years of relevant experience demonstrating significant impact in security engineering and vulnerability management within an enterprise setting.
• Extensive experience with vulnerability management tools, particularly modern solutions like Wiz or Semgrep.
• Profound subject matter expertise in security engineering best practices covering areas such as CVSS and EPSS.
• Strong knowledge of common security vulnerabilities, capable of assessing their severity and business impact.
• Excellent programming skills with experience in Python or GoLang.
• Solid background in DevOps, DevSecOps, or SRE, with experience in AWS cloud services and Terraform.
• Familiarity with security automation platforms such as Tines and serverless frameworks like AWS Lambda.
• Comprehensive understanding of Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), or Software Composition Analysis (SCA).
• Comprehensive health and parental leave plans.
• Professional development stipend.
• Flexible, employee-led remote model.
divcon
Convatec
Red Hat
Synmatch AI
Get handpicked remote jobs straight to your inbox weekly.