Security Developer (AI-Enabled Remediation & DevSecOps)

Job Title: Security Developer (AI-Enabled Remediation & DevSecOps)
Remote

Role Summary

We are seeking a Security Developer to identify, prioritize, and remediate security vulnerabilities across applications, codebases, and infrastructure. This role will leverage AI-assisted tooling and automation to accelerate remediation efforts, reduce manual work, and improve the overall security posture at scale.

This is a hands-on role focused on fixing real vulnerabilities while building intelligent automation to prevent them from recurring.

⸻

Key Responsibilities

Application Security & Code Remediation
• Identify and remediate vulnerabilities from SAST, DAST, and dependency scanning tools
• Fix insecure code patterns (e.g., injection flaws, auth issues, insecure data handling)
• Partner with engineering teams to implement secure coding practices
• Perform security-focused code reviews

⸻

AI-Driven Security Automation
• Leverage AI coding assistants (e.g., GitHub Copilot, ChatGPT, internal LLM tools) to accelerate vulnerability remediation
• Build scripts, bots, or workflows that automatically:
• Generate secure code fixes
• Refactor vulnerable patterns
• Suggest dependency upgrades
• Integrate AI into CI/CD pipelines to assist with:
• Automated remediation suggestions
• Code review augmentation
• Security issue triage and prioritization
• Continuously evaluate emerging AI tools to improve security engineering efficiency

⸻

Secrets & Credential Management
• Detect and remediate exposed secrets (API keys, tokens, credentials) in repositories
• Implement automated scanning and prevention in CI/CD pipelines
• Design secure secrets management solutions (vaults, rotation policies, ephemeral credentials)

⸻

Dependency & End-of-Life (EOL) Remediation
• Identify outdated libraries, frameworks, and infrastructure components
• Automate dependency upgrades where possible
• Partner with DevOps to eliminate unsupported systems and reduce technical debt

⸻

Secure SDLC & DevSecOps Integration
• Embed security checks and AI-assisted remediation into CI/CD pipelines
• Implement guardrails that prevent insecure code from being merged
• Create reusable security modules, templates, and automation scripts

⸻

Collaboration & Enablement
• Act as a bridge between Security, Engineering, and Infrastructure teams
• Educate developers on secure coding and AI-assisted workflows
• Help prioritize vulnerabilities based on risk and exploitability

⸻

Required Qualifications
• 3–8+ years of software development experience
• Strong understanding of common vulnerabilities (e.g., OWASP Top 10)
• Experience fixing vulnerabilities in production codebases
• Hands-on experience with CI/CD pipelines and modern development workflows
• Experience using or integrating AI developer tools (e.g., Copilot, Claude, or similar)
• Familiarity with SAST, DAST, and dependency scanning tools

⸻

Preferred Qualifications
• Experience building automation scripts (Python, PowerShell, or similar)
• Familiarity with prompt engineering and AI-assisted code generation workflows
• Experience integrating AI into developer pipelines or tooling
• Cloud experience (AWS, Azure, or Google Cloud Platform)
• Knowledge of container/Kubernetes security

⸻

Key Skills
• Vulnerability remediation at scale
• AI-assisted development and automation
• Secure coding practices
• CI/CD and DevSecOps
• Dependency and secrets management
• Cross-functional collaboration

⸻

Success Metrics
• Reduction in critical/high vulnerabilities
• Faster remediation times (MTTR)
• % of vulnerabilities auto-remediated or AI-assisted
• Reduction in exposed secrets
• Decrease in EOL systems and libraries
• Adoption of secure coding + AI workflows across teams