Lead Engineer – Application Security Platform (Checkmarx | SRE & Automation)

About The Position

Requirements

• 5+ years of Systems Engineering, Technology Architecture experience, or equivalent demonstrated through one or a combination of the following: work experience, training, military experience, education
• 5+ years of experience in Platform Engineering, SRE, DevOps, or Systems Engineering roles
• Hands‑on experience with Checkmarx (SAST) or similar AppSec scanning tools (e.g., Fortify, Veracode, SonarQube)
• Strong experience with Windows-based systems, networking, storage, and performance tuning
• Solid understanding of CI/CD pipelines and DevSecOps practices
• Proven experience applying SRE principles (SLIs, SLOs, error budgets, toil reduction)
• Strong automation skills using Python, Bash, PowerShell, or similar scripting languages
• Experience with Infrastructure as Code (Terraform, Ansible, CloudFormation, ARM, etc.)
• Expertise in monitoring, logging, and alerting platforms (Splunk, Prometheus, Grafana, AppDynamics, Elastic, etc.)
• Deep troubleshooting skills across application, OS, database, and infrastructure layers

Nice To Haves

• Experience running security scanning platforms at enterprise scale (thousands of projects, high scan concurrency)
• Experience with container platforms (Kubernetes, OpenShift) and cloud environments (Azure, AWS, GCP)
• Knowledge of application security concepts (SAST, SDLC security, vulnerability management workflows)
• Experience with database platforms (MS SQL, PostgreSQL) and large‑scale data growth management
• Prior experience leading platform modernization or large tool upgrades

Responsibilities

• Platform Ownership & Reliability (SRE) Own end‑to‑end reliability, availability, and performance of the Checkmarx SAST platform across non‑prod, prod, and BCP environments Define and manage SLIs, SLOs, error budgets, and operational KPIs for scanning throughput, queue latency, and platform health Lead incident response, root cause analysis (RCA), and permanent remediation for platform outages or scan failures Proactively identify capacity, scaling, and performance bottlenecks (engines, managers, DB, storage, network)
• Automation & Engineering Excellence Design and implement automation for provisioning, configuration, scaling, upgrades, and maintenance of Checkmarx components Build Infrastructure as Code (IaC) using tools such as Terraform, Ansible, or equivalent Automate routine operational tasks (engine lifecycle, scan queue tuning, data retention, index maintenance, backups) Reduce toil by converting manual operational work into resilient, self‑healing automation
• DevSecOps & CI/CD Integration Own and enhance Checkmarx integrations with CI/CD platforms (GitHub, Jenkins, Azure DevOps, Harness, etc.) Ensure seamless developer experience with pipeline‑based security scanning and fast feedback loops Partner with Application Security teams to improve scan performance, false‑positive reduction, and adoption
• Observability & Monitoring Implement and maintain full‑stack observability (metrics, logs, alerts, dashboards) using tools such as Splunk, Prometheus, Grafana, AppDynamics, etc. Build actionable alerts to detect scan backlog growth, engine saturation, DB/storage issues, and platform degradation Drive proactive monitoring rather than reactive firefighting
• Modernization & Continuous Improvement Lead platform upgrades, hotfixes, and vendor‑recommended lifecycle management Drive containerization and cloud‑readiness initiatives for Checkmarx components where applicable Improve resiliency through active‑active / DR strategies, backup validation, and BCP testing Evaluate new Checkmarx features, plugins, and security scanning enhancements
• Technical Leadership Serve as SME and technical escalation point for Checkmarx across the enterprise Mentor engineers and promote SRE best practices, automation standards, and operational excellence Produce clear architecture, runbooks, and operational documentation Influence roadmap decisions with data‑driven insights and engineering rigor

Benefits

• Health benefits
• 401(k) Plan
• Paid time off
• Disability benefits
• Life insurance, critical illness insurance, and accident insurance
• Parental leave
• Critical caregiving leave
• Discounts and savings
• Commuter benefits
• Tuition reimbursement
• Scholarships for dependent children
• Adoption reimbursement