×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity Systems Engineer

Lead IT Security Engineer

Job in San Francisco, San Francisco County, California, 94199, USA
Listing for: Stefanini, Inc
Full Time position
Listed on 2026-03-13
Job specializations:
  • IT/Tech
    Cybersecurity, Systems Engineer
Salary/Wage Range or Industry Benchmark: 87 - 92 USD Hourly USD 87.00 92.00 HOUR
Job Description & How to Apply Below

Join us to co-create solutions for a better future! Job Details

Lead IT Security Engineer – San Francisco, CA

Posted: 3/11/2026

Information Technology

Stefanini Group is hiring!

Stefanini is looking for a Lead IT Security Engineer – Remote.

For quick Apply, please reach out to Akash Gupta:  /

W2 candidates only!

Responsibilities
  • The Client – Common Data Platform (CDP) is seeking an experienced Security Engineer to drive the integration of security capabilities into our CI/CD pipelines and development workflows. This role is critical to our multi-year Dev Sec Ops  transformation initiative, which aims to modernize security practices across five development teams while supporting CDP’s cloud migration and platform modernization goals.
  • As a Security Engineer, you will work at the intersection of development, security, and operations to build automated security controls directly into our software delivery pipelines. You will partner closely with Application Security, Security Champions, and development teams to ensure security is embedded early in the development lifecycle without compromising delivery velocity.
  • This is a hands‑on technical role requiring deep expertise in CI/CD automation, containerization, infrastructure‑as‑code, and security tooling integration. You will be responsible for implementing build gates, automating security scans, developing custom integrations, and ensuring our Git Lab‑based pipelines provide consistent, measurable security controls across the entire CDP portfolio.
Key Areas of Work
  • Design, implement, and maintain security controls within Git Lab CI/CD pipelines
  • Develop pipeline automation scripts
  • Develop and enforce container security policies aligned with Client standards
  • Work with Security Champions to provide technical support and training on pipeline security features
  • Develop reference architectures and example implementations for secure pipelines
  • Support developers in understanding and resolving security findings
  • Support pipeline assessment data collection through pipeline telemetry
  • Coordinate with GRC teams on security control validation and evidence collection
  • Mentor and guide team members in secure development practices

    Advocate for security throughout the SDLC
Qualifications
  • Bachelor’s degree in Computer Science, Information Technology, or related field (or equivalent experience)
  • Ability to document technical processes, create runbooks, and develop training materials
  • Self‑starter with ability to work independently and manage multiple priorities
  • Team focus, flexible thinking, willingness to learn, desire to enable security to support the business
  • Ability to travel to San Francisco main office for final interview and/or onboarding
Technical Skills
  • 5+ years of experience in Dev Ops, SRE, or Platform Engineering roles
  • 3+ years of hands‑on experience with Git Lab CI/CD (or similar platforms like Jenkins, Git Hub Actions, Azure Dev Ops)
  • Strong expertise in CI/CD pipeline design, implementation, and optimization
  • Proficiency in scripting and automation using Python, Bash, or similar languages
  • Deep understanding of containerization technologies (Docker, Kubernetes, ECS)
  • Experience with Infrastructure‑as‑Code tools (Terraform preferred)
  • Practical knowledge of AWS cloud services
  • Experience integrating security scanning tools into CI/CD pipelines
  • Strong understanding of Git workflows, branching strategies, and merge request processes
  • Experience with configuration management and pipeline‑as‑code practices
Security Knowledge
  • Working knowledge of application security concepts and vulnerability types (OWASP Top 10)
  • Familiarity with security scanning tools such as:
    • SAST tools (Semgrep, Sonar Qube, Checkmarx, or similar)
    • SCA tools (Sonatype, Snyk, Black Duck, or similar)
    • Container scanning tools (Trivy, Prisma, Aqua, or similar)
    • DAST tools (OWASP ZAP, Burp Suite, or similar)
  • Understanding of secrets management best practices and tools
  • Knowledge of secure software development lifecycle (SSDLC) principles
  • Familiarity securing a Data Lakehouse
Process and Collaboration
  • Experience working in Agile/Scrum environments with 2‑week sprint cycles
  • Strong collaboration skills with ability to work across security, development, and…
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)

Job Posting Language
Employment Category
Education (minimum level)
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search