SoftServe is a global digital solutions company with headquarters in Austin, Texas, founded in 1993. Our associates work on 2,000+ projects with clients in the USA, Europe, and LATAM.

Our Critical Services Center of Excellence (CoE) is a group of passionate technologists specializing in software architecture, startups, and enterprise platforms. As part of SoftServe's Cybersecurity Practice Team, we help clients build trust in their systems by delivering reliable, tailored security solutions. We don't just identify gaps - we guide organizations through every step of the improvement journey, making sure they're equipped to handle today's threats and tomorrow's challenges.

With deep expertise across a wide range of technologies, we adapt our approach to meet each client's unique needs. Our team covers a broad spectrum of cybersecurity domains.

• An experienced cybersecurity professional with 5+ years across vulnerability management, application security, or cloud security domains
• Skilled in modern web application security, including JavaScript, TypeScript source code review, and Node.js, NPM ecosystem analysis
• Proficient in managing diverse application security challenges such as SCA, SAST/DAST, bug bounty triage, SSDLC support, and false-positive reduction
• Great at risk-based triage, cyber risk prioritization, remediation tracking, and validation of internal and external security findings
• Experienced with cloud-native environments, including containerized workloads and Kubernetes platforms
• Comfortable working with GitHub, issue-tracking systems like Jira, and CI/CD pipelines in fast-paced engineering environments
• A clear communicator who explains security impact, remediation priorities, and acceptable risk to engineering stakeholders
• Interested in emerging security domains, including AI-related risks and modern vulnerability management platforms (eg OX Security)
• A collaborative and pragmatic security enabler who works effectively in multicultural, distributed teams with strong English proficiency

• Own the full vulnerability management lifecycle by collecting findings from SAST, DAST, SCA tools, bug bounty platforms, and cloud security scanners, and driving them through validation, prioritization, and remediation tracking
• Analyze vulnerability data using aggregation platforms to remove false positives and convert raw findings into actionable tickets
• Review application source code written in JavaScript and TypeScript, inspect Node.js dependencies, and evaluate architectural context to determine real security impact
• Assess cloud-native and containerized environments by reviewing Kubernetes configurations and deployment patterns to identify security risks
• Prioritize security risks by applying risk-based frameworks and clearly defining what must be fixed immediately, what can be scheduled, and what can be risk-accepted
• Collaborate daily with development, platform, and DevOps teams using GitHub, Jira, and CI/CD pipelines to align on remediation plans and track progress
• Support the SSDLC by advising teams on secure design, reviewing security findings early, and ensuring issues are addressed before release
• Triage and validate findings from bug bounty submissions, penetration tests, and internal security reviews, coordinating follow-ups with relevant stakeholders
• Lead vulnerability management practices by mentoring engineers, influencing prioritization decisions, and improving processes rather than focusing on individual coding tasks

• Work with modern, cloud-native systems and security-conscious clients, applying security practices directly in real production environments
• Offer a high-ownership senior role with autonomy, where your decisions have a direct and measurable security impact
• Support continuous learning and professional growth through SoftServe's structured career path, internal expertise, and certification opportunities
• Deepen your expertise in vulnerability management, application security, and cloud security across complex, real-world systems
• Collaborate within a cybersecurity community that values pragmatism, ownership, and delivering real, actionable security results

SoftServe is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment regardless of race, color, religion, age, sex, nationality, disability, sexual orientation, gender identity and expression, veteran status and other protected characteristics under applicable law. Let's put your talents and experience in motion with SoftServe.