×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity

Cybersecurity Code Test Engineer

Job in Sunnyvale, Santa Clara County, California, 94087, USA
Listing for: Knightscope
Full Time position
Listed on 2026-06-13
Job specializations:
  • Security
    Cybersecurity
Salary/Wage Range or Industry Benchmark: 80000 - 100000 USD Yearly USD 80000.00 100000.00 YEAR
Job Description & How to Apply Below

About Knightscope

Knightscope is a security technology company building the Nation’s First Autonomous Security Force. The Company combines autonomous machines, advanced software, and human expertise to help protect people, property, and critical infrastructure. Knightscope’s long‑term mission is to make the United States of America the safest country in the world.

Job Summary

As a critical defender of our product and infrastructure ecosystem, the Cybersecurity Code Test Engineer will bridge the gap between secure development architectures and robust production systems. Reporting directly to the Director of Cybersecurity, this high‑impact role guarantees maximum autonomy and direct escalation paths for product security risks. You will oversee, architect, and execute advanced security testing paradigms across both bare‑metal/embedded firmware layers and cloud‑native software applications, enforcing adherence to strict secure development life cycles (SSDF) aligned to NIST SP 800‑218 frameworks.

Location

Full‑time, on‑site at Sunnyvale HQ.

The Role

This engineer owns end‑to‑end security testing across embedded firmware, cloud‑native applications, and the software supply chain, anchored to the NIST SP 800‑218 SSDF. Responsibilities include integrating automated security gates into CI/CD pipelines, conducting SAST/DAST across compiled code, microservices, and firmware binaries, and managing SCA tooling with SBOM generation for code provenance and regulatory compliance. The engineer partners with development teams on secure repository practices—cryptographic signing, branch protections, and secret‑leakage monitoring—and participates in threat modeling throughout the product lifecycle.

The role also applies AI/ML to advance test generation, vulnerability triage, and firmware fuzzing to stay ahead of known and emergent threats.

Key Responsibilities
  • SSDF Alignment — operationalize and validate engineering practices against NIST SP 800‑218 to ensure product resilience, supply chain integrity, and regulatory compliance. Participate in threat modeling early in the product lifecycle to establish security test plans.
  • CI/CD Pipeline Automation — architect and maintain automated security gates within CI/CD engines, with auto‑failing builds on high‑risk vulnerabilities while preserving developer velocity.
  • SAST/DAST Analysis — implement SAST policies across compiled code, microservices, and firmware binaries to catch logic flaws and unsafe memory operations. Design DAST frameworks to probe runtime applications, APIs, and microservices for structural, access control, and routing vulnerabilities.
  • Software Supply Chain Security — deploy SCA tooling to track open‑source licenses, manage technical debt, and surface vulnerabilities in third‑party packages. Generate and audit SBOM artifacts in machine‑readable formats (Cyclone

    DX, SPDX) for compliance and stakeholder reporting.
  • Repository Management & Access Controls — standardize repository layouts, cryptographic signing, and branch protections. Deploy continuous monitoring to detect accidental secret leakage, API tokens, and embedded credentials.
  • AI‑Driven Testing — apply AI/ML to enhance test generation, auto‑triage SAST false positives, and identify anomalous behavior. Leverage AI‑assisted fuzzing platforms to probe firmware interfaces and network stacks for unknown vulnerabilities.
Technical Skill Requirements & Tools
  • CI/CD Platforms:
    Git Hub Actions, Git Lab CI/CD, Jenkins, Azure Dev Ops
  • SAST & DAST Solutions:
    Veracode, Checkmarx, Sonar Qube, Burp Suite Professional/Enterprise, OWASP ZAP
  • SCA & SBOM Operations:
    Snyk, Black Duck, Dependabot, Cyclone

    DX CLI, Syft / Grype
  • Firmware & Embedded Analysis:
    Ghidra, IDA Pro, Binwalk, Radare2, JTAG/UART hardware debugging interfaces
  • AI‑Assisted Security & Fuzzing:
    Git Hub Copilot for Security, AFL++ (American Fuzzy Lop), Lib Fuzzer, Custom LLM‑assisted code review agents
Education & Experience
  • Education:

    Bachelor’s degree in computer science, Cybersecurity, Computer Engineering, or an equivalent technical field (Master’s preferred). Equivalent practical experience is highly valued.
  • Experience:

    Minimum of 4–6 years of dedicated experience in…
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)
0
200
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search