Security Operations Engineer

As a Security Operations Engineer at Commvault, you will play a key role in driving innovation in application security by integrating automated testing tools into CI/CD workflows. Your focus will be on building scalable solutions, collaborating with cross-functional teams, and enhancing security processes to support the global security program. **Key Responsibilities:** - Design, build, implement, and maintain scalable automation tools and pipelines for application security, including static (SAST), dynamic (DAST), and software composition analysis (SCA) scanning. - Collaborate with developers, security engineers, and DevOps teams to seamlessly integrate security automation into CI/CD workflows. - Identify opportunities for improving security tool coverage, efficiency, and performance. - Develop custom scripts, plugins, or APIs to extend the capabilities of security testing and remediation automation. - Monitor and analyze security automation tool results, generate actionable insights, and support incident response and remediation efforts. - Stay updated on the latest security automation trends, technologies, and best practices, advocating for continuous improvement in tooling and processes. - Provide mentorship and guidance to other engineers on secure coding and secure development lifecycle practices. **Qualifications Required:** - 8+ years of software engineering experience with a focus on security automation or application security. - Proficiency in programming languages such as Python, Ruby, Go, Java, or similar. - Strong understanding of application security principles, vulnerabilities (e.g., OWASP Top Ten), and remediation techniques. - Hands-on experience with security scanning tools such as SAST, DAST, and SCA. - Familiarity with CI/CD pipelines and infrastructure as code tools is a plus. - Solid understanding of software development lifecycle processes and seamless integration of security automation. - Excellent problem-solving skills and ability to work independently and as part of a team. **Preferred Skills:** - Experience with cloud-native security automation in AWS, Azure, or GCP environments. - Familiarity with container security and related security scanning solutions. - Knowledge of threat modeling and security risk assessments. Commvault is committed to an inclusive and accessible interviewing process. If you require accommodation due to a disability or special need, please contact accommodations@commvault.com. For general inquiries, please reach out to wwrecruitingteam@commvault.com.,