- Design, implement, and manage the integration of security tooling (SAST, DAST, SCA, Secrets Scanning) into our CI/CD pipelines.
- Develop and maintain automation scripts and platforms to streamline security processes and workflows.
- Own and operate the end-to-end vulnerability management lifecycle: identification, triage, prioritization, distribution, tracking, and reporting.
- Collaborate closely with engineering teams to ensure timely remediation of identified vulnerabilities and provide guidance on secure coding practices.
- Drive the adoption and implementation of the SLSA framework to enhance supply chain security.
- Continuously evaluate and improve existing security automation and vulnerability management workflows, bringing innovation and ownership to the process.
- Research emerging threats and vulnerabilities, particularly those relevant to our tech stack and development practices, translating findings into actionable detection or prevention mechanisms.
- Develop and maintain documentation for security automation tools, processes, and vulnerability management procedures.
- Assist in triaging and validating findings from various sources, including automated scanners, penetration tests, and bug bounty programs.
- Contribute to security training materials focused on secure development practices and the tools you implement.
- Support incident response activities, particularly where automation or vulnerability data can aid investigation and remediation.