Senior Security Operations Engineer

Recruitment Fraud Alert

We’ve learned that scammers are impersonating Commvault team members—including HR and leadership—via email or text. These bad actors may conduct fake interviews and ask for personal information, such as your social security number.  

What to know:

• Commvault does not conduct interviews by email or text.


• We will never ask you to submit sensitive documents (including banking information, SSN, etc) before your first day.

If you suspect a recruiting scam, please contact us at [email protected] 

About Commvault 

Commvault (NASDAQ: CVLT) is the gold standard in cyber resilience. The company empowers customers to uncover, take action, and rapidly recover from cyberattacks – keeping data safe and businesses resilient. The company’s unique AI-powered platform combines best-in-class data protection, exceptional data security, advanced data intelligence, and lightning-fast recovery across any workload or cloud at the lowest TCO. For over 25 years, more than 100,000 organizations and a vast partner ecosystem have relied on Commvault to reduce risks, improve governance, and do more with data. 

What you’ll do…

• Design / build / implement and maintain scalable automation tools and pipelines for application security, including static (SAST), dynamic (DAST), and software composition analysis (SCA) scanning.


• Collaborate with developers, security engineers, and DevOps teams to integrate security automation seamlessly into CI/CD workflows.


• Identify opportunities for improving security tool coverage, efficiency, and performance.


• Develop custom scripts, plugins, or APIs to extend the capabilities of security testing and remediation automation.


• Monitor and analyze security automation tool results, generate actionable insights, and support incident response and remediation efforts.


• Stay up to date on the latest security automation trends, technologies, and best practices, and advocate for continuous improvement in tooling and processes.


• Provide mentorship and guidance to other engineers on secure coding and secure development lifecycle practices.

Who you are?

• 6+ years of software engineering experience with a focus on security automation or application security.


• Proficiency in Python, Ruby, Go, Java, or similar programming languages.


• Strong understanding of application security principles, vulnerabilities (e.g., OWASP Top Ten), and remediation techniques.


• Hands-on experience implementing and configuring security scanning tools such as SAST (e.g., Checkmarx, Fortify), DAST (e.g., Burp Suite, OWASP ZAP), and SCA (e.g., Snyk, WhiteSource).


• Familiarity with CI/CD pipelines (e.g., Jenkins, GitHub Actions, GitLab CI) and infrastructure as code tools (e.g., Terraform, Ansible) is a plus.


• Solid understanding of software development lifecycle (SDLC) processes and how to integrate security automation seamlessly.


• Excellent problem-solving skills and ability to work independently and as part of a team.

Preferred Skills:

• Experience with cloud-native security automation (e.g., in AWS, Azure, or GCP environments).


• Familiarity with container security (e.g., Docker, Kubernetes) and related security scanning solutions.


• Knowledge of threat modeling and security risk assessments.

#LI-VK