Lead Application & Cloud Security Engineer

Unqork empowers enterprises to accelerate growth by rapidly building, testing, and running applications that are designed to be AI-native. Trusted by the world’s largest organizations in highly regulated industries, these applications become more secure over time while significantly reducing technical debt—allowing businesses to focus on innovation rather than maintenance. Unqork’s customers include Goldman Sachs, Marsh, BlackRock, and the U.S. Department of Health and Human Services.  

At Unqork, we value inclusive and innovative thinkers who boldly challenge the status quo. We encourage you to apply! 

The Impact U will make:

You will be part of a team that is passionate about securing Unqork's Commercial and FedRAMP technology stack. You will champion cloud and application security best practices and drive their adoption across Unqork's engineering organizations. You will automate processes using policy as code. You'll leverage your deep technical expertise to oversee the identification and remediation of security vulnerabilities and misconfigurations. In this role, you will lead the review process for all features, security patches, and bug fix requests, ensuring security is a foundational element of our development lifecycle. You will empower team members to deliver high-quality, secure solutions and align with our core security and engineering practices.

• Secure SDLC: You will execute on the strategic roadmap for Unqork's product security program (cloud and application security), aligning with business goals and risk tolerance. Mature our Secure Software Development Lifecycle (SSDLC) by integrating security controls, automation and tooling into our CI/CD pipelines and governing the security release process. 
• Application Security: Drive the SSDLC throughout Unqork, embedding security from design to deployment. This includes conducting threat modeling and architectural security reviews for all applications, managing and maturing our SAST, DAST, and SCA tooling, and spearheading vulnerability remediation efforts. You'll act as a subject matter expert, guiding development teams on secure coding practices and fostering a strong security culture across the organization. 
• Cloud Security: Ensure adherence to regulatory requirements and industry best practices by defining and enforcing secure architectures and security policies and standards within our Cloud Service Providers. This involves managing our monthly FedRAMP continuous monitoring, maintaining cloud security policies in Cloud Security Posture Management systems, reviewing security notifications from AWS, GCP, and Azure, and ensuring our security controls and configurations are consistently and effectively enforced.
• Cross-Functional Collaboration: Partner with leadership in Security, Product, Engineering, and Legal to embed security ownership, drive architectural decisions, and manage risk. This includes creating secure design requirements and conducting security testing for new platform features and infrastructure changes. 
• Incident Response & Remediation: Lead the product security aspects of incident response, guiding root cause analysis, driving remediation efforts, and implementing preventative measures. Collaborate with SecOps to enhance logging, monitoring, and detection for cloud and app-layer threats  You will coordinate offensive security engagements and red/purple‑team exercises leveraging offensive tooling and threat modeling to find weaknesses proactively..
• Policy, Standards & Compliance: Define, implement, and enforce product security policies, standards, and guidelines, ensuring adherence to regulatory requirements and industry best practices.

What U bring:

• 10+ years of progressive experience in information security.
• Deep understanding of modern web application architectures (e.g., microservices, event-driven), cloud technologies (AWS, Azure, GCP), and secure coding principles.
• Extensive experience with application security testing methodologies (SAST, DAST, SCA, penetration testing), vulnerability management, and common web application vulnerabilities (OWASP Top 10).
• Demonstrated ability to define and execute security strategies, develop roadmaps, and translate complex technical concepts into actionable plans for various stakeholders.
• Exceptional communication, presentation, and interpersonal skills, with the ability to influence and collaborate effectively across all levels of the organization.
• Experience establishing and integrating security tooling into the product development lifecycle, including CI/CD pipelines, and driving automation efforts. This includes hands-on experience with tools like Semgrep, Dependabot, Qualys, and Lacework.
• Relevant Certifications (Preferred): CISSP, CSSLP, CCSP, or other industry-recognized security certifications.

Compensation, Benefits, & Perks

💻 Work from home with a remote-first community

🏝 Unlimited PTO (and the encouragement to use it)

📝 Student loan payback program

🏥 100% employer-covered medical, dental, and vision options available to you and your dependents

💸 Flexible Spending Account (FSA)

🏠 Monthly stipend toward your WFH setup, vacation, development and more

💰 Employer-sponsored 401(k) with contribution match

🏋🏻‍♀️ Subsidized ClassPass Membership

🍼 Generous Paid Parental Leave 

💲 Hiring Ranges:

• Tier 1: $142,400 - $178,000 base salary
• Tier 2: $128,200 - $160,200 base salary

Unqork employs a market-driven approach to establish compensation ranges. In addition to a base salary, employees may also be eligible to receive a target incentive and company equity in the form of stock options.

An employee’s compensation within the range provided above depends on a variety of factors including, but not limited to, their location, role, skillset, level of experience, and similar peer salaries.

As a remote-first company, Unqork incorporates a geographic differential into our compensation structure, depending on the candidate’s location. We utilize a tiered system—Tier 1 and Tier 2—to accurately reflect local market rates and ensure our compensation packages are both fair and competitive.
Our geographic tiers are defined as follows:

• Tier 1: New York Metro, Seattle Metro, San Francisco Bay Area 
• Tier 2: All other US and US territory locations 

Unqork embraces a culture of security and privacy awareness by consistently safeguarding sensitive information, adhering to company policies, and actively participating in training and initiatives to protect our data and the privacy of our stakeholders. 

Unqork is an equal opportunity employer. We will consider all qualified applicants without regard to race, color, nationality, gender, gender identity or expression, sexual orientation, religion, disability or age.