
Senior Security Engineer

Job in Nicholasville, Jessamine County, Kentucky, 40356, USA
Listing for: Hexion
Full Time position
Listed on 2026-06-21
Job specializations:
  • IT/Tech
    Cybersecurity
Salary/Wage Range or Industry Benchmark: 125,000 - 150,000 USD yearly
Job Description & How to Apply Below

Hexion is a global leader in specialty chemicals, delivering innovative solutions that improve performance, sustainability, and efficiency across industries. As part of our ongoing commitment to protecting enterprise assets, customer data, and operational continuity, we are investing in a world‑class security engineering function. This team is responsible for embedding security deeply into our software development lifecycle, cloud infrastructure, and enterprise operations.

Its mandate is to ensure that security is a first‑class engineering discipline, not an afterthought.

Position Overview

The Senior Security Engineer is a hands‑on technical leader responsible for architecting and operationalizing security across Hexion's software development pipelines, cloud environments, and enterprise systems. This role requires deep expertise in application security tooling (SAST, DAST, SCA), software supply chain integrity (SBOM), secrets management, cloud security posture, and DevSecOps practices.

This role ensures:

  • Security is embedded at every stage of the software development lifecycle (SSDLC)
  • Vulnerabilities are identified and remediated before reaching production
  • Cloud and application security baselines are defined, enforced, and continuously validated
  • Developer teams are equipped with secure‑by‑default tooling and guardrails

This is a builder's role — equal parts engineer, pen tester, and practitioner.

One‑Line Summary

Build and operate the security engineering function that makes Hexion's software development life cycles, pipelines, and cloud environments secure by design.

Key Responsibilities

1. Application Security Testing (SAST / DAST / SCA)

Own the selection, deployment, tuning, and continuous operation of application security testing tools:

  • Implement and manage Static Application Security Testing (SAST) tools integrated into CI/CD pipelines (e.g., Checkmarx, Snyk, Semgrep, SonarQube, Veracode)
  • Deploy and operate Dynamic Application Security Testing (DAST) solutions for runtime vulnerability detection (e.g., OWASP ZAP, Burp Suite Enterprise, Checkmarx)
  • Integrate Software Composition Analysis (SCA) to identify vulnerabilities in open‑source dependencies (e.g., Snyk, Black Duck, Dependabot)
  • Establish triage workflows, severity thresholds, and developer‑facing remediation guidance
  • Track vulnerability metrics and report on risk reduction trends to security leadership

2. Software Bill of Materials (SBOM)

Build and govern the enterprise SBOM program:

  • Define SBOM generation standards across all software
  • Integrate SBOM generation into build pipelines as a gating control
  • Maintain SBOM inventory and correlate with known vulnerability feeds (NVD, OSV, CVE)
  • Support regulatory and customer‑facing SBOM disclosure requirements
  • Advise engineering teams on dependency hygiene and license compliance

3. CI/CD Pipeline Security

Embed security natively into CI/CD pipelines and developer workflows:

  • Design and enforce pipeline security gates — no build ships without passing defined security checks
  • Implement pre‑commit hooks, PR scanning, and automated security feedback loops
  • Define and enforce secure pipeline configurations across GitHub Actions, Azure DevOps, Jenkins, or equivalent
  • Govern pipeline access controls, service account permissions, and artifact signing
  • Partner with platform engineering to harden build infrastructure and runner environments

4. Secrets Management

  • Leverage and manage secrets management solutions (Delinea, CyberArk, AWS Secrets Manager, Azure Key Vault)
  • Eliminate hardcoded credentials across codebases — implement detection and remediation pipelines
  • Define secrets rotation policies, access controls, and audit logging standards
  • Integrate secrets injection into CI/CD pipelines and application runtimes
  • Conduct periodic secrets sprawl audits and enforce zero standing secrets in code repositories

5. Code & Branch Management Security

Establish and enforce secure source control practices:

  • Define branch protection standards for master/main and sub‑branches (required reviewers, status checks, signed commits)
  • Govern repository access policies, least‑privilege permissions, and PAT/token lifecycle
  • Implement code scanning and secret detection on all branches, not just main
  • Enforce…
Position Requirements
10+ years of work experience