Software Security Engineer - Remote

Overview

ComplyAuto is a fast-growing RegTech SaaS company helping organizations strengthen compliance, security, and operational efficiency through cloud-based software. The Software Security Engineer will help shape and scale the application security program.

In Short

• Lead application security efforts across ComplyAuto's software environment.
• Conduct secure code reviews, threat modeling, and manual security assessments.
• Provide guidance to developers on identifying risks in JavaScript, TypeScript, React, Node.js, and APIs.
• Develop security policies and implement security testing tools.
• Automate SAST and DAST capabilities within CI/CD pipelines.
• Deliver secure coding training and support incident response.
• 5-7+ years of experience in application security or related fields required.
• Experience with cloud infrastructure across AWS, Azure, or GCP.
• Strong communication skills to translate technical risks into practical recommendations.
• Familiarity with security and compliance frameworks such as NIST CSF, CIS, SOC 2, and PCI-DSS.

Requirements

• 5-7+ years of experience in application security or software development.
• Hands-on experience reviewing code and identifying vulnerabilities.
• Comfortable working in TypeScript, JavaScript, or Python.
• Experience securing APIs and SaaS applications.
• Familiarity with SAST and DAST tools such as Snyk, Checkmarx, and Veracode.
• Strong communication skills.
• Experience with secure coding standards.
• Ability to work directly with engineers to design secure solutions.
• Knowledge of regulatory requirements like CCPA and GLBA.
• Authorization to work in the United States required.

Benefits

• 401(k) 5% match (1:1).
• 100% paid medical, dental, and vision insurance for employees and families.
• HSA contribution for qualifying plans.
• Unlimited Paid time off and 11 observed holidays.
• Laptop and related hardware provided.