About the role

Role Overview

Contract SecOps Engineer supporting application-layer security across customer environments. You’ll review code for common web vulnerabilities, remediate issues, and automate detection using security engineering practices.

Responsibilities

Perform expert secure code reviews with focus on OWASP Top 10 and CWE vulnerability classes.
Identify, triage, and remediate application-layer vulnerabilities (including broken access control and SQL injection).
Build and maintain security automation tools to streamline vulnerability detection, using Python, Go (GoLang), or JavaScript/TypeScript.
Conduct and document penetration tests, partnering cross-functionally to drive remediation.
Advise development teams on secure coding practices and embed a proactive security mindset in the software lifecycle.
Stay current on emerging threats and apply best practices in customer environments.

Requirements

Strong experience in software engineering or security operations, specifically application-layer security.
Proficiency in Python, Go (GoLang), Rust, JavaScript, or TypeScript.
Expertise in secure code review and professional penetration testing.
Strong familiarity with OWASP Top 10, CWE, and modern vulnerability classes.
Exceptional written and verbal communication skills.

Nice-to-haves

Experience integrating security into the full software lifecycle (secure SDLC practices).
Prior work building vulnerability detection automation.

Logistics

Location: Remote (United States)
Commitment: 10–40 hrs/week

About Crossing Hurdles

Crossing Hurdles is hiring a contractor SecOps Engineer to support application-layer security efforts. The role focuses on secure code review, vulnerability remediation, penetration testing, and building security automation tooling. This sits within cybersecurity and software security operations.

SecOps Engineer | $75/hr Remote

Tags