Secure Code Review Jobs in California (NOW HIRING)

Participate in secure development lifecycle activities, including threat modeling, security design reviews, and secure code reviews. Qualifications REQUIRED: * Bachelor's or Master's degree in ...

Lead Application Security Engineer

San Francisco, CA · On-site

$69.25 - $92.50/hr

Contribute application security input to enterprise security reviews, SOC 2 Type II, ISO 27001, ISO 42001, and customer-facing trust documentation. * Mentor engineers on secure coding and be the go ...

... Perform Secure Code Development Training for developers and relevant staff. Support security ... reviews, designing etc. Experience using vulnerability assessment tools/platforms such as IBM ...

Senior Software Engineer (Card Present)

Irvine, CA · On-site

$131K - $173K/yr

Write secure code that meets PCI DSS requirements across all card-present transaction flows, with ... review feedback, and knowledge sharing. * Document card-present domain knowledge including ...

Security Firmware Engineer

Irvine, CA · On-site

$84K - $139K/yr

Participate in secure development lifecycle activities, including threat modeling, security design reviews, and secure code reviews. Qualifications REQUIRED: * Bachelor's or Master's degree in ...

Senior Software Security Engineer

San Francisco, CA · On-site

$134K - $185K/yr

Design and implement secure development frameworks and libraries that make secure coding the path ... Identify and remediate security gaps through code review, threat modeling, and hands-on debugging

... make secure coding easier for application engineers * Own SAST/DAST/SCA tooling: selection, tuning, CI/CD integration, and triage * Conduct application security reviews and threat models for new ...

Secure Code Review information

What is secure code review?

Secure code review is the process of systematically examining application source code to identify and remediate security vulnerabilities before software is released. This review can be performed manually or with automated tools, focusing on areas where coding errors could lead to security risks such as injection attacks, data leaks, or authentication flaws. The goal is to ensure that the code adheres to secure coding standards and best practices, ultimately reducing the risk of exploitation by malicious actors.

What are the key skills and qualifications needed to thrive as a Secure Code Reviewer, and why are they important?

To thrive as a Secure Code Reviewer, you need a solid understanding of secure coding practices, programming languages (such as Java, Python, or C++), and common software vulnerabilities, often supported by relevant security certifications like CISSP or CSSLP. Familiarity with automated code analysis tools, static application security testing (SAST) platforms, and bug tracking systems is typically required. Strong analytical thinking, attention to detail, and clear communication skills set outstanding reviewers apart. These abilities are crucial for identifying, explaining, and mitigating security risks in code, ensuring robust application security.

What are some common challenges faced by professionals performing secure code reviews, and how can they be addressed?

Secure code reviewers often encounter challenges such as keeping up with evolving security threats, identifying subtle vulnerabilities in complex codebases, and maintaining effective communication with development teams. To address these, reviewers should stay updated on the latest security trends, use automated tools to assist in identifying potential issues, and foster collaborative relationships with developers to ensure that findings are understood and remediated effectively. Regular training, participating in security communities, and integrating secure code review into the software development lifecycle can also help overcome these challenges.

What is the difference between Secure Code Review vs Static Application Security Testing (SAST)?

| Aspect | Secure Code Review | Static Application Security Testing (SAST) |
|---|---|---|
| Credentials | Knowledge of secure coding, programming languages, security standards | Security testing tools, programming knowledge, security certifications |
| Work Environment | Manual review, developer collaboration, code analysis | Automated scanning, integration with CI/CD pipelines |
| Industry Usage | Development teams, security analysts, code audits | Security teams, QA, DevOps, automated security testing |

Secure Code Review involves manual or semi-automated analysis of source code to identify security flaws, emphasizing developer collaboration. SAST uses automated tools to scan code for vulnerabilities during development, enabling faster detection. Both roles aim to improve code security but differ in approach: one is manual and detailed, the other automated and scalable.

Sr. Security Software Engineer, Corporate Security

Pinterest

San Francisco, CA • On-site, Remote

$134K - $185K/yr

Other

Posted 7 days ago
Job description

This role is part of Pinterest's Corporate Security team and will collaborate closely with engineers to tackle complex enterprise security challenges. You will have the opportunity to design and implement innovative solutions that protect Pinterest's systems and data. Your work will directly contribute to ensuring the safety and resilience of the company's enterprise environment.

What you'll do:

  • Automation & Tooling - Develop scripts, tools, and automated pipelines to streamline vulnerability scanning and incident triage processes. Integrate security tools within CI/CD pipelines.
  • Security Architecture & Code Review - Consult and engineer secure-by-design systems. Conduct design and code reviews to identify vulnerabilities, misconfigurations, and security flaws early in the development lifecycle.
  • Champion Security Automation Culture - Advocate for and educate team members on secure coding, automation practices, and emerging security technologies.
  • Implement Secure Engineering Practices - Design, develop, and maintain software systems with security best practices integrated throughout the development lifecycle.
  • Collaborate with XFN Teams - Partner with security engineers and IT to improve detection and remediation of threats across infrastructure and applications.
  • Use AI to accelerate analysis and iteration, while applying judgment and verification to ensure correctness and quality.
  • Leverage AI to streamline and enhance the efficiency, accuracy, and coverage of security engineering and review processes.

What we're looking for:

  • Bachelor's degree in Computer Science, Cybersecurity, or a related field, or equivalent experience.
  • 5+ years of experience in a corporate security or security-related software engineering role.
  • Experience with Linux/UNIX, macOS or Windows internals, with an emphasis on proactive hardening.
  • Experience working in conjunction with IT architectural and infrastructure groups to coordinate and implement roadmaps for future scalability, growth, and capacity.
  • Fleet management experience (e.g. Puppet, Chef, Terraform or similar).
  • Cloud computing experience (infrastructure or security experience both valuable).
  • Systems security experience (e.g. hardening a corporate identity environment).
  • Demonstrated ability to use AI to improve speed and quality in your day-to-day workflow for relevant outputs.
  • Strong track record of critical evaluation and verification of AI-assisted work (e.g., testing, source-checking, data validation, peer review).
  • High integrity and ownership: you protect sensitive data, avoid over-reliance on AI, and remain accountable for final decisions and deliverables.

Relocation Statement:

  • This position is not eligible for relocation assistance. Visit our PinFlex page to learn more about our working model.

In-Office Requirement Statement:

  • We recognize that the ideal environment for work is situational and may differ across departments. What this looks like day-to-day can vary based on the needs of each organization or role.
  • This role will need to be in the office for in-person collaboration 1-2 times every 6 months and therefore can be situated anywhere in the country.