SecOps Engineer

Description Who are we? Checkmarx is the AI-powered application security leader helping the world’s most security-conscious enterprises secure the software that powers modern life. For more than two decades, our unified platform and services have helped organizations protect human- and AI-generated code from the first line through runtime, reducing risk across applications, cloud, and the software supply chain without slowing innovation.​ ​We’re trusted by 1,600+ customers in 70+ countries, including some of the largest enterprises and governments in the world. Guided by research-led innovation and a developer-first mindset, we help every developer, security team, and enterprise build software that is risk-free by design. What Are We Looking For? We are looking for a SecOps Engineer to join our Security Operations team as the technical lead for Incident Response and Cloud Security. The team is responsible for monitoring our production and corporate environments, responding to security incidents, and continuously hardening our cloud, network, and CI/CD posture. This role is the senior technical anchor of the function: the first responder during critical incidents, the architect behind our cloud and network defenses, and a technical mentor to the rest of the team. You will own the Incident Response practice, lead our cloud security program across CNAPP, SASE/ZTNA, and CI/CD supply-chain security, and partner with Engineering, DevOps, and Platform teams to drive security improvements at scale. Participation in an on-call rotation for critical incidents is required. How Will You Make an Impact? • Own our SASE/ZTNA stack: policy management, network security, secure access. • Own our CNAPP platform: workload protection, posture management, vulnerability prioritization. • Own our CI/CD security platform and drive software supply-chain security across the organization. • Serve as IR Expert: first responder for critical security incidents, owning detection, containment, eradication, and recovery. • Lead post-incident root-cause analysis and drive remediation across the organization. • Build and maintain IR playbooks, runbooks, and tabletop exercises. • Partner with DevOps and Platform teams on secure-by-default cloud architecture. • Contribute to broader security architecture decisions across the security stack. • Mentor more junior engineers on the team and lead technical reviews of their work. • Act as deputy to the SecOps Team Lead on strategic initiatives. • Participate in the critical-incident on-call rotation. Requirements What Is Needed to Succeed? • 3-4 years of hands-on experience in Security Operations or Security Engineering. • Demonstrated Incident Response leadership: You have run real incidents end to end, from detection through post-incident review. • Hands-on experience with CNAPP, CSPM, or CWPP platforms. • Knowledge of AWS, GCP, or Azure security primitives and cloud-native threat models. • Experience with SASE or ZTNA architectures. • Familiarity with CI/CD and software supply-chain security (e.g., GitHub Actions hardening, SLSA). • Scripting skills in Python (or equivalent) for automation, tooling, and IR support. • Working knowledge of MITRE ATT&CK and modern adversary tradecraft. • Ability to lead a war room, brief executives, and communicate clearly under pressure What we have to offer Checkmarx offers a great work environment, professional development, challenging careers, competitive compensation, great work-life balance, as well as great benefits and perks throughout the year. Checkmarx is an Equal Opportunity Employer. Employment decisions are made without regard to race, color, religion, national or ethnic origin, sex, sexual orientation, gender identity or expression, age, disability, or other characteristics protected by law.