[Remote] Senior Security Engineer

Remote Full-time
Note: This is a remote job open to candidates in the USA.

Hexion is a global leader in specialty chemicals, and they are seeking a Senior Security Engineer to enhance their security engineering function. This role involves architecting and operationalizing security across software development pipelines, cloud environments, and enterprise systems, ensuring that security is integrated throughout the software development lifecycle.

Responsibilities

Own the selection, deployment, tuning, and continuous operation of application security testing tools:
- Implement and manage Static Application Security Testing (SAST) tools integrated into CI/CD pipelines (e.g., Checkmarx, Snyk, Semgrep, SonarQube, Veracode)
- Deploy and operate Dynamic Application Security Testing (DAST) solutions for runtime vulnerability detection (e.g., OWASP ZAP, Burp Suite Enterprise, Checkmarx)
- Integrate Software Composition Analysis (SCA) to identify vulnerabilities in open-source dependencies (e.g., Snyk, Black Duck, Dependabot)
- Establish triage workflows, severity thresholds, and developer-facing remediation guidance
- Track vulnerability metrics and report on risk reduction trends to security leadership

Build and govern the enterprise SBOM program:
- Define SBOM generation standards across all software
- Integrate SBOM generation into build pipelines as a gating control
- Maintain SBOM inventory and correlate with known vulnerability feeds (NVD, OSV, CVE)
- Support regulatory and customer-facing SBOM disclosure requirements
- Advise engineering teams on dependency hygiene and license compliance

Embed security natively into CI/CD pipelines and developer workflows:
- Design and enforce pipeline security gates: no build ships without passing defined security checks
- Implement pre-commit hooks, PR scanning, and automated security feedback loops
- Define and enforce secure pipeline configurations across GitHub Actions, Azure DevOps, Jenkins, or equivalent
- Govern pipeline access controls, service account permissions, and artifact signing
- Partner with platform engineering to harden build infrastructure and runner environments

Operate enterprise secrets management:
- Leverage and manage secrets management solutions (Delinea, CyberArk, AWS Secrets Manager, Azure Key Vault)
- Eliminate hardcoded credentials across codebases; implement detection and remediation pipelines
- Define secrets rotation policies, access controls, and audit logging standards
- Integrate secrets injection into CI/CD pipelines and application runtimes
- Conduct periodic secrets sprawl audits and enforce zero standing secrets in code repositories

Establish and enforce secure source control practices:
- Define branch protection standards for master/main and sub-branches (required reviewers, status checks, signed commits)
- Govern repository access policies, least-privilege permissions, and PAT/token lifecycle
- Implement code scanning and secret detection on all branches, not just main
- Enforce code signing and supply chain integrity controls for release pipelines
- Audit and report on code repository posture across all engineering teams

Own cloud security architecture and posture management:
- Deploy and operate Cloud Security Posture Management (CSPM) tooling (e.g., Wiz, Prisma Cloud, AWS Security Hub, Defender for Cloud)
- Define and enforce cloud security baselines across AWS, Azure, and/or GCP environments
- Enable IAM policies, network segmentation, resource tagging, and encryption standards
- Monitor for misconfigurations, excessive permissions, and drift from approved baselines
- Integrate cloud security findings into enterprise risk and vulnerability management programs

Define and enforce security baselines across the enterprise:
- Author and maintain security configuration baselines aligned to CIS Benchmarks and internal policy
- Implement automated baseline compliance validation across cloud, OS, container, and application layers
- Translate security policy into enforceable technical controls (policy as code where applicable)
- Partner with compliance and risk teams to align technical baselines to regulatory requirements (SOC 2, ISO 27001)

Champion security throughout the entire development lifecycle:
- Define and operationalize SSDLC practices across all engineering teams, from design through deployment
- Conduct threat modeling workshops with product and engineering teams for new systems and features
- Develop security requirements, security user stories, and abuse cases for inclusion in sprint planning
- Establish security review gates at key SDLC milestones (architecture review, pre-release, post-incident)

Work across teams to make security a shared responsibility:
- Serve as the primary security engineering liaison to application development, platform engineering, and DevOps teams
- Partner with the Security Operations Center (SOC) to connect pipeline telemetry with detection and response workflows
- Collaborate with GRC and risk teams to translate findings into risk-language for executive reporting
- Engage with third-party vendors and open-source communities to stay current on tooling and threat intelligence

Skills

- Bachelor's degree in Computer Science, Information Security, Software Engineering, or related field (Master's preferred)
- 7+ years of experience in security engineering, application security, application development, or DevSecOps roles
- Hands-on experience deploying and operating SAST, DAST, and SCA tooling in enterprise CI/CD environments
- Demonstrated experience building and managing SBOM programs at scale
- Deep expertise in secrets management platforms (AWS Secrets Manager or equivalent)
- Strong cloud security experience across AWS and Azure, including IAM, network security, and CSPM tooling
- Experience defining and enforcing branch protection, code signing, and repository security controls
- Proficiency in one or more scripting/programming languages (Python, Go, Bash, or equivalent) for automation and tooling
- Working knowledge of SSDLC frameworks, threat modeling methodologies (STRIDE), and security requirements engineering
- Familiarity with security frameworks and standards: NIST CSF, NIST 800-53, CIS Benchmarks, OWASP Top 10, SANS 25
- Experience with policy-as-code tooling (OPA/Rego, Sentinel, Checkov, Terrascan)
- Container and Kubernetes security (image scanning, admission controllers, runtime security with Falco or equivalent)
- Security champion program design and developer enablement
- Enterprise vulnerability management and risk-based prioritization programs
- Certifications (any of the following valued): CISSP, CSSLP, GWEB, GWAPT, AWS Security Specialty, Microsoft Security Engineer Associate, CCSP

Company Overview

Based in Columbus, Ohio, Hexion Inc. is a leading global producer of adhesives and performance materials. It is headquartered in Columbus, Ohio, USA, with a workforce of 1001-5000 employees. Its website is https://www.hexion.com/.
