Cyber Security Engineer

Lead Application Security Engineer | Atlanta, GA | Remote-Friendly | $119,600 - $199,400

We're working with Cox Automotive on this exciting opportunity.

This role offers an exceptional chance to lead the application security efforts within a dynamic team, focusing on secure software design and implementation across cloud-native environments. You'll be instrumental in shaping the security landscape, driving remediation guidance, and influencing the adoption of secure patterns for cutting-edge technologies. This is a key position for an experienced engineer looking to make a significant impact on security posture and mentor junior team members.

Key Responsibilities:

• Operate, administer, and continuously improve off-the-shelf AppSec and CloudSec tools, including WAF infrastructure management.

• Triage and disposition vulnerabilities across SAST/DAST/SCA/API/IaC/CSPM sources, leading false positive reviews and suppression workflows.

• Partner with Cloud Platform teams to harden AWS/Azure/GCP environments using CSPM/CNAPP controls and guide secure patterns for serverless, containers/Kubernetes, and secrets management.

• Use scripting/automation (Python, PowerShell, Bash, REST APIs, Terraform modules, GitHub Actions/Azure DevOps/GitLab CI) for ad hoc fixes and to reduce toil.

• Support system administration, configuration, and maintenance for the AppSec/CloudSec/WAF toolset.

• Evaluate security tools on an ongoing basis to ensure they meet enterprise needs.

What You'll Need:

• Bachelor's degree in a related discipline and 6 years' experience, or equivalent combination.

• 2 years in Application/Product security or software engineering with a strong security focus.

• Hands-on depth with modern SDLC/DevSecOps in cloud-native environments: microservices, APIs, containers/Kubernetes, serverless, IaC (Terraform/CloudFormation/ARM/Bicep), and CI/CD integration.

• Practical expertise operating and tuning SAST, DAST, SCA, API testing, IaC/container scanners, plus CNAPP for multi-cloud.

• Scripting/automation proficiency (Python preferred) and REST API integration skills.

• Strong knowledge of OWASP Top 10, ASVS, SAMM, NIST SSDF, CSA CCM, secure design patterns, and common web/API vulnerabilities.

What's On Offer:

• Flexibility to take as much vacation with pay as deemed consistent with duties and company needs.

• Seven paid holidays throughout the calendar year.

• Up to 160 hours of paid wellness annually for personal or family wellness.

• Additional paid time off for bereavement, voting, jury duty, volunteer work, military leave, and parental leave.

Apply via Haystack today