AppSec Automation Engineer (Application Security)

TL;DR

AppSec Automation Engineer (Application Security): Designing and integrating security tools into CI/CD pipelines to support RingCentral's Security Development Lifecycle program, with an accent on automating scans management and orchestration. Focus on developing universal solutions for DevOps engineers, supporting infrastructure for security tools, and building feedback channels for engineering teams.

Location: Hybrid, requiring 4 days on-site presence at our office each week.

Company

RingCentral is a product company providing cloud-based business communications solutions, including unified communications as a service (message, video, phone) and contact center as a service.

What you will do

• Collaborate with DevOps engineers to design security tool/scanner integrations into their pipelines.
• Develop universal solutions (GitLab CI/CD templates, Jenkins shared libraries, APIs, CLI utilities) for diverse pipeline technologies.
• Automate scheduled regular runs of security scanners and other periodic activities.
• Develop in-house utilities, APIs, and web-apps for the application security team.
• Support existing solutions by fixing bugs, adding new features, and onboarding new system components.
• Support infrastructure for on-premises security tools, including OS updates, vendor updates, and scaling.
• Design, develop, and support feedback channels from security tools for engineering teams (e.g., dashboards, JIRA integrations).

Requirements

• 2+ years of experience in DevSecOps engineer, DevOps engineer, or application security engineer positions.
• Understanding of CI/CD processes.
• Experience in Python development.
• System administration skills (Windows, Unix).
• Experience with Docker and Kubernetes.
• Experience in GitLab CI/CD and Jenkins jobs development.
• English: B2 required.

Nice to have

• Familiarity with principles of building a secure software development lifecycle (e.g., OWASP SAMM).
• Familiarity with OWASP DevSecOps Guideline and GitOps approach.
• Experience with modifying/creating rules for security scanners.
• Experience in Go development or front-end development.
• Experience in AI agents development (building agents, MCP servers, prompt engineering).

Culture & Benefits

• Work in a well-coordinated professional team.
• Access to cutting-edge technologies, interesting and challenging tasks, and a dynamic project.
• Great opportunities for self-realization, professional and career growth.
• Additional Health and Life Insurance Package.
• Employee Assistance Program.
• 25 vacation days.