Job
Description
What Youll Do Job Title: Security Automation Engineer Integrated Engineering Systems Location: #LI-Hybrid Eligibility: 2 3years of software engineering experience Avalara is looking for a Security Automation Engineer to join our Integrated Engineering Systems team. In this role, you ll build and scale automated security tooling and integrate scanning pipelines into Avalara s core engineering systems. You will work closely with platform engineers, product teams, and DevSecOps to design scalable services and analytics dashboards that detect, track, and remediate vulnerabilities. This role is perfect for engineers who are passionate about security through automation , scaling secure development practices, and enabling teams to build safer software faster. What Your Responsibilities Will Be Design, develop, and maintain microservices and security automation pipelines that integrate into Avalara s CI/CD and engineering systems. Build tools and services in GoLang to automate SAST, DAST, and SCA scanning workflows. Build internal tooling to identify gaps in security coverage, automate remediation recommendations. Partner with service owners to provide secure development guidance, build remediation playbooks, and enforce policy via automation. Implement dashboards using Snowflake, Hex, and Grafana to ingest and analyse security data, monitor pipeline health and provide real-time visibility into scan reliability and security metrics for both engineering teams and leadership. What Youll Need to be Successful Core Qualifications B.Tech or B.E in Computer Science, Engineering, Math, or a related technical discipline. 2 5 years of software engineering experience, with 2 years of direct experience in platform security or DevSecOps teams. Proficiency in Golang, Python, Java, or .NET , with ability to write clean, secure, and maintainable code. Understanding of OWASP Top 10, CWE Top 25, and secure software development practices. Experience with integrating and operating SAST, DAST, and SCA tools in CI/CD pipelines (e.g., GitHub Actions, Jenkins, GitLab). Knowledge of AWS or GCP security services and infrastructure-as-code best practices. Preferred Bonus Qualifications: Proven hands-on experience with Snowflake, Hex, and Grafana to build observability dashboards with alerts and SLA tracking. Security certifications. How Well Take Care of You Total Rewards In addition to a great compensation package, paid time off, and paid parental leave, many Avalara employees are eligible for bonuses. Health & Wellness Benefits vary by location but generally include private medical, life, and disability insurance. Inclusive culture and diversit y Avalara strongly supports diversity, equity, and inclusion, and is committed to integrating them into our business practices and our organizational culture. We also have a total of 8 employee-run resource groups, each with senior leadership and exec sponsorship. Learn more about our benefits by region here: Avalara North America What You Need To Know About Avalara We re Avalara. We re defining the relationship between tax and tech. We ve already built an industry-leading cloud compliance platform, processing nearly 40 billion customer API calls and over 5 million tax returns a year, and this year we became a billion-dollar business . Our growth is real, and we re not slowing down until we ve achieved our mission - to be part of every transaction in the world. We re bright, innovative, and disruptive, like the orange we love to wear. It captures our quirky spirit and optimistic mindset. It shows off the culture we ve designed, that empowers our people to win. Ownership and achievement go hand in hand here. We instill passion in our people through the trust we place in them. We ve been different from day one. Join us, and your career will be too. We re An Equal Opportunity Employer Supporting diversity and inclusion is a cornerstone of our company we don t want people to fit into our culture, but to enrich it. All qualified candidates will receive consideration for employment without regard to race, color, creed, religion, age, gender, national orientation, disability, sexual orientation, US Veteran status, or any other factor protected by law. If you require any reasonable adjustments during the recruitment process, please let us know. Core Qualifications B.Tech or B.E in Computer Science, Engineering, Math, or a related technical discipline. 2 5 years of software engineering experience, with 2 years of direct experience in platform security or DevSecOps teams. Proficiency in Golang, Python, Java, or .NET , with ability to write clean, secure, and maintainable code. Understanding of OWASP Top 10, CWE Top 25, and secure software development practices. Experience with integrating and operating SAST, DAST, and SCA tools in CI/CD pipelines (e.g., GitHub Actions, Jenkins, GitLab). Knowledge of AWS or GCP security services and infrastructure-as-code best practices. Preferred Bonus Qualifications: Proven hands-on experience with Snowflake, Hex, and Grafana to build observability dashboards with alerts and SLA tracking. Security certifications. Design, develop, and maintain microservices and security automation pipelines that integrate into Avalara s CI/CD and engineering systems. Build tools and services in GoLang to automate SAST, DAST, and SCA scanning workflows. Build internal tooling to identify gaps in security coverage, automate remediation recommendations. Partner with service owners to provide secure development guidance, build remediation playbooks, and enforce policy via automation. Implement dashboards using Snowflake, Hex, and Grafana to ingest and analyse security data, monitor pipeline health and provide real-time visibility into scan reliability and security metrics for both engineering teams and leadership.
