Senior SecOps Engineer

Description:

Who are we?

Checkmarx is the enterprise application security leader and the host of Checkmarx One, the industry-leading cloud-native AppSec platform that helps enterprises build #DevSecTrust. Powered by the intelligence from our industry-leading AppSec security research team, and our AI-driven technology and services, our platform is designed to enable CISOs, AppSec and development leaders to prioritize their teams' focus on what impacts their business. Our offerings secure every phase of development for every application, from the very first line of code through production, while simultaneously balancing the dynamic needs of security and development teams. We are honored to serve more than 1,800 customers, which includes 60 percent of all Fortune 100 organizations. We are committed to moving forward with the unwavering dedication to the safety and security of our customers, and the applications that power our day-to-day lives.

What Are We Looking For?

We are looking for a Senior SecOps Engineer to join our Security Operations team as the technical lead for Incident Response and Cloud Security.

The team is responsible for monitoring our production and corporate environments, responding to security incidents, and continuously hardening our cloud, network, and CI/CD posture. This role is the senior technical anchor of the function: the first responder during critical incidents, the architect behind our cloud and network defenses, and a technical mentor to the rest of the team.

You will own the Incident Response practice, lead our cloud security program across CNAPP, SASE/ZTNA, and CI/CD supply-chain security, and partner with Engineering, DevOps, and Platform teams to drive security improvements at scale. Participation in an on-call rotation for critical incidents is required.

How Will You Make an Impact?

• Own our SASE/ZTNA stack: policy management, network security, secure access.

• Own our CNAPP platform: workload protection, posture management, vulnerability prioritization.

• Own our CI/CD security platform and drive software supply-chain security across the organization.

• Serve as IR Expert: first responder for critical security incidents, owning detection, containment, eradication, and recovery.

• Lead post-incident root-cause analysis and drive remediation across the organization.

• Build and maintain IR playbooks, runbooks, and tabletop exercises.

• Partner with DevOps and Platform teams on secure-by-default cloud architecture.

• Contribute to broader security architecture decisions across the security stack.

• Mentor more junior engineers on the team and lead technical reviews of their work.

• Act as deputy to the SecOps Team Lead on strategic initiatives.

• Participate in the critical-incident on-call rotation.

What Is Needed to Succeed?

• 5+ years of hands-on experience in Security Operations or Security Engineering, with 2+ years in a senior or lead capacity.

• Demonstrated Incident Response leadership: You have run real incidents end to end, from detection through post-incident review.

• Hands-on experience with CNAPP, CSPM, or CWPP platforms.

• Knowledge of AWS, GCP, or Azure security primitives and cloud-native threat models.

• Experience with SASE or ZTNA architectures.

• Familiarity with CI/CD and software supply-chain security (e.g., GitHub Actions hardening, SLSA).

• Scripting skills in Python (or equivalent) for automation, tooling, and IR support.

• Working knowledge of MITRE ATT&CK and modern adversary tradecraft.

• Ability to lead a war room, brief executives, and communicate clearly under pressure

Checkmarx offers a great work environment, professional development, challenging careers, competitive compensation, great work-life balance, as well as great benefits and perks throughout the year. Checkmarx is an Equal Opportunity Employer. Employment decisions are made without regard to race, color, religion, national or ethnic origin, sex, sexual orientation, gender identity or expression, age, disability, or other characteristics protected by law.