🛠 Tech Stack

💼 About This Role

You'll embed security into the software development lifecycle and partner with developers to make secure design the default at a fast-growing hospitality tech company. You'll own the strategy for AppSec tooling, automation, and developer enablement while working with SREs and data engineers. This fully remote role offers the chance to shape security for a platform used by 20,000+ hotels worldwide.

🎯 What You'll Do

• Define and enforce best practices for secure coding and design reviews.
• Integrate SAST, DAST, and SCA tools into CI/CD pipelines.
• Partner with developers to identify security risks early in the lifecycle.
• Implement monitoring, alerting, and remediation for security incidents.

📋 Requirements

• 6+ years in security engineering, DevSecOps, or related roles.
• Hands-on with AppSec tooling (Snyk, OWASP ZAP, Burp Suite, etc.).
• Strong programming skills in Python, Go, or JavaScript.
• Experience with AWS/Kubernetes security (IAM, KMS, RBAC, etc.).

✨ Nice to Have

• Familiarity with Terraform, Helm, and GitOps practices.
• Knowledge of networking, encryption, and cloud-native security.

🎁 Benefits & Perks

• 🏖️ Unlimited PTO
• 🩺 Health insurance (medical, dental, vision)
• 💰 Equity in a fast-growing startup
• 🏠 Fully remote work environment
• 📚 Learning & development stipend