Senior Security Operations Engineer
Indexed description
What To Know
- Commvault does not conduct interviews by email or text.
- We will never ask you to submit sensitive documents (including banking information, SSN, etc) before your first day.
About Commvault
Commvault (NASDAQ: CVLT) is the gold standard in cyber resilience. The company empowers customers to uncover, take action, and rapidly recover from cyberattacks – keeping data safe and businesses resilient. The company’s unique AI-powered platform combines best-in-class data protection, exceptional data security, advanced data intelligence, and lightning-fast recovery across any workload or cloud at the lowest TCO. For over 25 years, more than 100,000 organizations and a vast partner ecosystem have relied on Commvault to reduce risks, improve governance, and do more with data.
What You’ll Do…
- Design / build / implement and maintain scalable automation tools and pipelines for application security, including static (SAST), dynamic (DAST), and software composition analysis (SCA) scanning.
- Collaborate with developers, security engineers, and DevOps teams to integrate security automation seamlessly into CI/CD workflows.
- Identify opportunities for improving security tool coverage, efficiency, and performance.
- Develop custom scripts, plugins, or APIs to extend the capabilities of security testing and remediation automation.
- Monitor and analyze security automation tool results, generate actionable insights, and support incident response and remediation efforts.
- Stay up to date on the latest security automation trends, technologies, and best practices, and advocate for continuous improvement in tooling and processes.
- Provide mentorship and guidance to other engineers on secure coding and secure development lifecycle practices.
- 6+ years of software engineering experience with a focus on security automation or application security.
- Proficiency in Python, Ruby, Go, Java, or similar programming languages.
- Strong understanding of application security principles, vulnerabilities (e.g., OWASP Top Ten), and remediation techniques.
- Hands-on experience implementing and configuring security scanning tools such as SAST (e.g., Checkmarx, Fortify), DAST (e.g., Burp Suite, OWASP ZAP), and SCA (e.g., Snyk, WhiteSource).
- Familiarity with CI/CD pipelines (e.g., Jenkins, GitHub Actions, GitLab CI) and infrastructure as code tools (e.g., Terraform, Ansible) is a plus.
- Solid understanding of software development lifecycle (SDLC) processes and how to integrate security automation seamlessly.
- Excellent problem-solving skills and ability to work independently and as part of a team.
- Experience with cloud-native security automation (e.g., in AWS, Azure, or GCP environments).
- Familiarity with container security (e.g., Docker, Kubernetes) and related security scanning solutions.
- Knowledge of threat modeling and security risk assessments.
Commvault’s goal is to make interviewing inclusive and accessible to all candidates and employees. If you have a disability or special need that requires accommodation to participate in the interview process or apply for a position at Commvault, please email [email protected] For any inquiries not related to an accommodation please reach out to [email protected].
Commvault's Privacy Policy
Create a free Caio profile to unlock more results and save your role and location preferences.
Unlock free search