Secure Code Review Jobs in California (NOW HIRING)

Staff Engineer

Pleasanton, CA · On-site

$193K - $242K/yr

... secure distributed backend services. * Work with product management, architects and other ... Experience as a technical lead for design, architecture and code review of highly scalable ...

Perform security code reviews and penetration testing on our web applications and services ... Experience with secure coding practices for web applications. * Software development experience and ...

The engineer partners with development teams on secure repository practices cryptographic signing ... GitHub Copilot for Security, AFL++ (American Fuzzy Lop), LibFuzzer, Custom LLM-assisted code review ...

Lead Software Engineer

Palo Alto, CA · On-site

$152K - $215K/yr

Develops secure high-quality production code, and reviews and debugs code written by others * Identifies opportunities to eliminate or automate remediation of recurring issues to improve overall ...

Senior Software Engineer (Card Present)

Irvine, CA · On-site

$129K - $171K/yr

... secure code that meets PCI DSS requirements across all card-present transaction flows, with a ... review feedback, and knowledge sharing. • Document card-present domain knowledge including ...

Secure Code Review information

What is secure code review?

Secure code review is the process of systematically examining application source code to identify and remediate security vulnerabilities before software is released. This review can be performed manually or with automated tools, focusing on areas where coding errors could lead to security risks such as injection attacks, data leaks, or authentication flaws. The goal is to ensure that the code adheres to secure coding standards and best practices, ultimately reducing the risk of exploitation by malicious actors.

What are the key skills and qualifications needed to thrive as a Secure Code Reviewer, and why are they important?

To thrive as a Secure Code Reviewer, you need a solid understanding of secure coding practices, programming languages (such as Java, Python, or C++), and common software vulnerabilities, often supported by relevant security certifications like CISSP or CSSLP. Familiarity with automated code analysis tools, static application security testing (SAST) platforms, and bug tracking systems is typically required. Strong analytical thinking, attention to detail, and clear communication skills set outstanding reviewers apart. These abilities are crucial for identifying, explaining, and mitigating security risks in code, ensuring robust application security.

What are some common challenges faced by professionals performing secure code reviews, and how can they be addressed?

Secure code reviewers often encounter challenges such as keeping up with evolving security threats, identifying subtle vulnerabilities in complex codebases, and maintaining effective communication with development teams. To address these, reviewers should stay updated on the latest security trends, use automated tools to assist in identifying potential issues, and foster collaborative relationships with developers to ensure that findings are understood and remediated effectively. Regular training, participating in security communities, and integrating secure code review into the software development lifecycle can also help overcome these challenges.

What is the difference between Secure Code Review vs Static Application Security Testing (SAST)?

| Aspect | Secure Code Review | Static Application Security Testing (SAST) |
| --- | --- | --- |
| Credentials | Knowledge of secure coding, programming languages, security standards | Security testing tools, programming knowledge, security certifications |
| Work Environment | Manual review, developer collaboration, code analysis | Automated scanning, integration with CI/CD pipelines |
| Industry Usage | Development teams, security analysts, code audits | Security teams, QA, DevOps, automated security testing |

Secure Code Review involves manual or semi-automated analysis of source code to identify security flaws, emphasizing developer collaboration. SAST uses automated tools to scan code for vulnerabilities during development, enabling faster detection. Both approaches aim to improve code security but differ in method: one is manual and detailed, the other automated and scalable.

What job categories do people searching Secure Code Review jobs in California look for? The top searched job categories for Secure Code Review jobs in California are:
Infographic showing various Secure Code Review job openings in California as of June 2026, with employment types broken down into 56% Full Time and 44% Part Time. Highlights a 100% Remote job distribution.
Staff Engineer

BlackLine

Pleasanton, CA • On-site

$193K - $242K/yr

Full-time

Posted 11 days ago


Job description

Overview

As a Staff Software Engineer, you will play a crucial role in building the next generation of BlackLine and data platform. BlackLine thrives on data and we are investing heavily in being able to sync data from and to BlackLine and various ERP, Bank, Payments, Tax and Subledger systems. You will be responsible for designing and building connectors to these various systems, while striving for extensibility, usability and scalability of data transfer using a full breadth of data transfer protocols available by each system. You will be part of a team which drives innovation into our product suite by designing, developing, troubleshooting, maintaining, optimizing and scaling cloud-based backend platform components, services and frameworks, including but not limited to Event Bus, API Gateway, Developer Portal, Job Scheduler, Identity Management, Search, Workflow Orchestration and Data Integration. In addition to being a hands-on engineer, you will also lead and mentor other engineers in the team.

If you have a passion for delivering products that make a difference, are driven to make things better in all that you do and are eager to work in a collaborative agile environment where developers are dedicated to solving customer problems and innovating, we would love to talk to you.

Responsibilities
    • Provide technical expertise and leadership in requirements analysis, design, effort estimation, development, testing and delivery of highly scalable and secure distributed backend services. 
    • Work with product management, architects and other engineering teams to understand stated and unstated needs and turn them into functional and technical requirements.  
    • Maintain a strong sense of business value and return on investment in planning, design, and communication.  
    • Lead technical design and architecture discussions and help drive technical decisions while making appropriate trade-offs on technology, functionality, robustness, performance and extensibility. 
    • Estimate the project scope and timelines, and consistently deliver on those commitments.  
    • Implement, refine, and enforce software development techniques to ensure that the delivered features meet software integration, performance, security, and maintainability expectations.  
    • Research, test, benchmark, and evaluate new tools and technologies, and recommend ways to implement them in product development.  
    • Maintain high standards of software quality and technical excellence within the team by establishing good practices and writing clean, testable, maintainable, and secure code.  
    • Inspire a forward-thinking team of developers, acting as an agent of change and evangelist for a quality-first culture within the organization.  
    • Mentor and coach team members, guide them to solutions on complex design issues and do peer code reviews.  
    • Proactively identify issues, bottlenecks, gaps, or other areas of concerns or opportunities and work to either directly affect change, or advocate for that change.  
    • Perform critical maintenance, deployment, and release support activities, including occasional off-hours support.
Qualifications
    • BS degree in Computer Science, or equivalent experience.  
    • 6+ years of professional experience in building Web scale highly available multi-tenant SaaS with focus on backend platform, frameworks, RESTful APIs and microservices. 
    • Expert in one or more object-oriented programming languages - C#, Java or C++.  
    • A solid computer science foundation including data structures, algorithms, and design patterns, with a proven track record of writing high concurrency, multi-threaded, secure, scalable code.  
    • Proven experience delivering and extending highly extensible, modular applications with various models of extensibility such as white-box, glass-box, gray-box, and black-box. In practice, experience with extensibility through OO patterns, plugins, external callouts, and events and notifications.
    • Experience as a technical lead for design, architecture and code review of highly scalable distributed systems and event driven architecture.  
    • Fluent in SQL, No-SQL, data modeling and transactional flows.  
    • Superior analytical, problem-solving and system level performance analysis abilities.  
    • Excellent written and verbal communication skills.  
    • Adaptable team player with strong collaboration skills and a focus on results and value delivery.  
    • Experience working in an Agile development environment. 
    • Passion for engineering excellence through automation, unit testing, and process improvements.  
    • Experience with data integration and ETL tools (both productized and open source) 
Salary Range: USD $193,000.00/Yr. - USD $242,000.00/Yr.
Employee Referral Bonus Amount: $1,500
Employment Type: FULL_TIME