Application Security Engineer at Opal Labs
Portland, OR, US

About Opal

At Opal, we believe enterprise software should be beautiful, simple and designed for the job at hand. The Opal platform empowers marketing teams to collaborate within a dedicated environment to plan, visualize and deploy campaigns across all marketing channels, reducing complexity and aligning teams for better marketing results.

Our team is deeply invested in encouraging a culture that promotes design thinking, collaboration and a passion for excellence. We work together as a team to revolutionize the modern marketing organization.

The Position

We are seeking a Security Operations Engineer who is excited to work on a robust suite of web and mobile applications, allowing creative teams to collaborate and thrive in fast-paced environments at Fortune 500 brands and agencies all over the world. As a Security Operations Engineer at Opal, you will constantly improve the robustness of our security practices, compliance, tools and infrastructure, helping our engineering teams maintain the sky-high level of trust our organization has built with customers across the globe. The ideal candidate would be focused on some of the following key themes: access control, application security, cloud security, data security, forensics, hardening, incident response, monitoring and threat detection, remediation, training, and secure development.


  • Software Engineering + Security
  • Perform Static code analysis on source code and manage remediation for languages such as Ruby, Elixir and Javascript.
  • Ensure the security of architecture, design, development, coding and configuration of both existing systems as well as new initiatives and enforce security policies.
  • Discover and plan remediation for application vulnerabilities in the ruby/rails platform.
  • Coach fellow engineers on best practices for maintaining security throughout the software development lifecycle.
  • Document and communicate discovered issues; work with teams to resolve them in a manner which improves security and encourages agility
  • Research best practices for a variety of technologies and document / advise on solutions for security for multiple teams


  • Security Ops
    • Work closely with other members of the Technical Operations team to determine and implement changes to the company's network defense posture
    • Provide security domain expertise on protective controls, to include system, network, encryption, storage, and authentication services
    • Perform forensics research, Root Cause Analysis, and provide incident response
    • Document and create requirements around best practices for security systems and architectures for cloud and on-premise web applications
    • Ability to research, document and implement best practices for new platforms adopted by different departments.
    • Act as point (for the Product team) for all activities supporting key security certifications and the associated audits (i.e. ISO 27001, SOC 2, etc.).
    • Develop technical solutions and select or build new security tools to mitigate vulnerabilities.
    • Communicate with management and/or customers regarding threats, risks, assessments, and issues.
    • Effectively communicate security remediation strategies.
    • Build security monitoring systems from the ground up as new technologies become implemented.
  • DevOps
    • Develop hardening guidelines and review security configurations related to Linux/Unix hosts, Cloud technology deployments and common web application frameworks


  • Demonstrated ability to work effectively with individuals from diverse communities and cultures.
  • 3-5+ Years of DevOps / SecOps / DevSecOps experience supporting enterprise-grade web applications
  • Experience managing internal privacy and security certifications such ISO 27001, SOC 2 and GDPR
  • Experience implementing Web Application Scanning platforms
  • Proven ability to act as an internal champion for security within engineering teams
  • Static code analysis experience across a broad swatch of languages
  • Demonstrated ability to engineer security into full stack architectures on next-generation cloud and container platforms
  • Deep knowledge of one or more server configuration management frameworks such as Chef, Puppet, Ansible, or SaltStack
  • Detailed understanding of security industry standards and frameworks from OWASP, CIS and NIST
  • Proven ability to manage projects, gaining consensus and buy-in cross functionally
  • Proven ability to drive initiatives with diplomacy and empathy
  • Knowledge on load balancers, network device authentication, firewalls, network segregation, VPNs, SIEM

Desired Skills

  • Familiar with modern cloud management e.g. AWS or other cloud provider tools
  • Familiarity with Ruby, Rails, Elixir, and NodeJS
  • Familiarity with the Heroku PaaS ecosystem
  • Familiarity with Docker
  • Familiarity with Terraform
  • In depth Knowledge on ITIL processes like Incident management, Problem Management, Configuration management and Change Management processes.


  • A full-time, salaried position
  • Full healthcare coverage (health, dental, vision, FSA)
  • Short-term disability insurance
  • Company stock options
  • Company-sponsored outreach & activity programs
  • 401K
  • A very inviting and supportive team — we pride ourselves on our culture


Opal is committed to creating an inclusive and diverse environment.  We believe a diverse workplace promotes innovation and enhances decision making.  We encourage applications from all qualified candidates and will consider all applicants without regard to race, color, religion, gender identity or expression, national origin, sexual orientation, disability, age, or veteran status.