Security Engineer

  • Remote - Worldwide

Remote

Cybersecurity

Mid-level

Job description

About the Role

We’re looking for a proactive and hands-on Penetration Tester who goes beyond red teaming and static reporting. In this role, you’ll be embedded within our Agile development teams, working side-by-side with developers, architects, and DevOps to identify, exploit, and remediate security weaknesses as part of the development lifecycle.

Instead of a traditional assessment-and-report approach, you’ll shift left, influencing design, architecture, and implementation with security in mind—helping us build secure-by-design products at sprint speed.

You’ll help teams identify security issues early, log findings directly into our Jira system, and assist in building and maintaining threat model documentation that’s central to our SDLC process.

Key Responsibilities

Participate in Agile ceremonies (standups, sprint planning, retros) to ensure security concerns are addressed early.

Perform ongoing penetration testing, code-assisted security reviews, and vulnerability analysis during development sprints.

Collaborate closely with developers to remediate security issues as they arise.

Develop and automate security test cases that integrate into CI/CD pipelines.

Analyze new features and user stories for security risks before they are implemented.

Assist development teams in creating and maintaining threat models as part of the SDLC.

Report vulnerabilities and findings directly in Jira, aligned with sprint workflows.

Promote a security-first culture through collaboration, mentoring, and knowledge sharing.

What We’re Looking For

Hands-on experience in penetration testing, offensive security, or vulnerability research.

Strong understanding of application security (OWASP Top 10, CWE, etc.) and secure SDLC practices.

Experience working in Agile environments (Scrum, Kanban).

Familiarity with Jira or similar ticketing systems.

Experience helping teams build and evolve threat model documents.

Knowledge of DevSecOps principles and CI/CD integration (e.g., GitLab CI, Jenkins, CircleCI).

Proficiency in security testing tools and scripting (e.g., Burp Suite, Metasploit, Nmap).

Ability to read and understand common programming languages (e.g., JavaScript, Python, Java, C#).

Strong communication skills with the ability to translate security concepts for non-security stakeholders.

Certifications like OSCP, OSWE, or equivalent experience are a plus.

Optional / Preferred Capabilities (Automation & Tooling)

Experience integrating automated security tests into CI/CD pipelines.

Familiarity with SAST/DAST tools (e.g., Semgrep, SonarQube, ZAP).

Ability to write scripts or tools to automate vulnerability discovery or exploitation.

Experience with infrastructure-as-code security tools (e.g., Checkov, tfsec).

Experience with container and orchestration security (e.g., Trivy, kube-bench, Falco).

Experience embedding security checks into Git hooks and developer workflows.

Nice to Have

Software development background.

Experience with secure cloud architecture (AWS, Azure, GCP).

Familiarity with Terraform or CloudFormation.

Knowledge of container security best practices (Docker, Kubernetes).

Please let Believe Solutions know you found this job on Remote First Jobs 🙏
