🛠 Tech Stack

💼 About This Role

You'll lead application security best practices across a FedRAMP technology stack at Unqork. You'll perform deep-dive manual penetration testing and automate processes with policy as code. This role combines hands-on security assessments with developer partnership.

🎯 What You'll Do

• Perform deep-dive manual penetration testing on web applications.
• Triage and manage results from SAST, DAST, and SCA tools.
• Conduct security code reviews of Node.js applications.
• Develop Python scripts to automate security tasks in CI/CD pipelines.

📋 Requirements

• 5+ years in Application Security, Pentesting, or Security Engineering.
• Expert knowledge of OWASP Top 10 and common web attack vectors.
• Proficiency in reading and auditing Node.js code.
• Experience with Burp Suite Professional and SAST/DAST/SCA platforms.

✨ Nice to Have

• Experience with testing AI/LLM applications.
• Ability to write automation scripts in Python.
• Excellent communication skills for non-security stakeholders.

🎁 Benefits & Perks

• 🏡 Work from home with a remote-first community.
• 🏖️ Unlimited PTO (and encouragement to use it).
• 📚 Student loan payback program.
• 🏥 100% employer-covered medical, dental, and vision.
• 💰 Employer-sponsored 401(k) with contribution match.