Job Description

BASIC PURPOSE: The Cybersecurity Engineer is a high impact role and will be responsible for improving Clario's overall security capabilities and maturity. To do so, the engineer will work with teams across the enterprise to solve complex problems in innovative ways. We optimize for agility and speed, so we are looking for a professional with a well-rounded profile, strong foundations and a desire to learn new things. The ideal candidate should have a hybrid background in application security and development/automation scripting. The individual will also be responsible automating governance in the DevSecOps process. This is a "hands on" role requiring both good communication skills as well as technical knowledge.
What We Offer
Competitive compensation
Medical, dental, and vision insurance (starting Day 1 of employment)
Flexible work schedules
Attractive PTO plan
Engaging employee programs
Remote and hybrid work options
What You'll Be Doing
Collaborate cross-functionally with Product and Development teams to assess application footprints and perform in-depth penetration testing on internally developed systems and applications.
Document and clearly communicate findings to development teams and guide remediation efforts to completion.
Support the Product Security Director and Penetration Testing Team Lead in prioritizing and executing Security Impact Assessments aligned with Clario's standard operating procedures.
Identify and evaluate security risks in application code, infrastructure, and system configurations.
Enable DevSecOps by helping functional teams automate and shift security left without disrupting delivery.
Develop automation processes to generate developer feedback, auto-create remediation tasks, and trigger re-scans post-resolution.
Integrate security tools via API to centralize vulnerability data and support KPI reporting.
Review product and open-source code for vulnerabilities and offer strategic mitigation guidance.
Foster secure coding practices and strong development partnerships through education and ongoing collaboration.
What We Look For
Bachelor's degree or equivalent practical experience in cybersecurity, computer science, or related field
3-5 years of hands-on experience in application and network penetration testing, including web, mobile, and APIs
Strong understanding of application security frameworks (e.g., OWASP ASVS, NIST), secure SDLC, and automated testing tools (SAST, DAST, SCA)
Experience with security tools such as Burp Suite and vulnerability management platforms
Proven ability to conduct security assessments and guide development teams through remediation
Experience integrating security tooling via APIs and automating guardrails within CI/CD environments
Proficiency in scripting and development languages such as Python, PowerShell, JavaScript, Java, or C#
2-4 years of experience in a DevOps or software development role
Familiarity with advanced security tools and environments (e.g., Kali Linux, Nmap, Swagger, Postman, hybrid/cloud networks)
The Department Head has the discretion to hire personnel with a combination of experience and education, which may vary from the above listed qualifications.
EEO Statement
Clario is an equal opportunity employer. Clario evaluates qualified applicants without regard to race, color, religion, gender, national origin, age, sexual orientation, gender identity or expression, protected veteran status, disability/handicap status, or any other legally protected characteristic.