Senior Security Engineer

The Knot Worldwide

Software Engineering
Posted on Feb 10, 2026

WHAT WE DO MATTERS:

At The Knot Worldwide, we champion celebration - and that starts with celebrating our people. Our employees are passionate dreamers, thoughtful doers, and lifelong learners who power meaningful moments for millions around the world. We’re united by authentic connection, shared purpose, and a deep commitment to the global community we serve. Here, flexibility and belonging go hand in hand with high performance. Driven by our core values, we believe the best ideas come from empowered teams: those who consistently collaborate with intention to design solutions, spark ideas, and drive impact. Our people are at the heart of our success.

ABOUT THE ROLE AND OUR TEAM:

The Knot Worldwide is seeking a highly skilled and experienced Senior Security Engineer with a background in full-stack development (both front-end and back-end) to join our growing security team. This unique hybrid role blends security engineering with deep development knowledge to enhance application and infrastructure security, build internal tooling, automate threat detection and response processes, and collaborate with global product and engineering teams across TheKnot to embed secure development practices across the SDLC.

RESPONSIBILITIES:

Application Security

  • Conduct threat modeling, code reviews, and penetration testing for in-house applications.
  • Integrate static (SAST), dynamic (DAST), and software composition analysis (SCA) tools into CI/CD pipelines.
  • Provide secure design and coding guidance to development teams (DevSecOps support).
  • Develop and maintain secure coding standards and best practices.
  • Work with development teams across the globe to implement secure coding best practices.

Full Stack Security Engineering

  • Analyze and secure web applications from both client-side (e.g., React, Angular) and server-side (e.g., Node.js, Python, Java, .NET) threats.
  • Design and implement security features (in QA environments) and controls in enterprise applications and APIs.
  • Develop internal security tools and dashboards using modern front-end and back-end frameworks.

Infrastructure & Cloud Security

  • Collaborate with DevOps and Cloud teams to secure cloud-native workloads (AWS, Azure, or GCP).
  • Automate detection and remediation of misconfigurations using Infrastructure as Code (IaC) and security orchestration.
  • Monitor and respond to vulnerabilities and threats in deployed applications and containers.

Security Operations Support

  • Build or integrate with SIEM/SOAR systems to monitor applications for anomalies and abuse.
  • Contribute to the design of automated response playbooks for web application and API threats.
  • Participate in incident response efforts involving application-layer or code-related incidents.
  • Establish a dashboard in the SIEM to maintain dynamic metrics on threat blocking.

Incident Response

  • Log analysis and forensics.
  • Coordinate with development teams to address active incidents and application incidents.

SUCCESSFUL CANDIDATES HAVE:

  • Bachelor’s degree in Computer Science, Cybersecurity, Engineering, or equivalent experience.
  • 3–7+ years of experience in full-stack software development.
  • 2+ years of experience in application or infrastructure security engineering.
  • Proficiency in at least one modern front-end framework (e.g., React, Angular, Vue.js).
  • Experience with back-end development in languages such as Python, Node.js, Java, or .NET.
  • Familiarity with OWASP Top 10, secure design principles, and threat modeling.
  • Hands-on experience with CI/CD tools (GitHub Actions, Jenkins, GitLab CI) and securing DevOps pipelines.
  • Experience with container security (Docker, Kubernetes) and IaC tools (Terraform, CloudFormation).
  • Solid knowledge of authentication standards (OAuth2, SAML, JWT) and session management.

PREFERRED QUALIFICATIONS:

  • Experience with penetration testing or ethical hacking (OSCP, CEH, or similar a plus).
  • Certifications such as CSSLP, CISSP, or GIAC GWAPT are a plus.
  • Familiarity with security platforms such as Snyk, Veracode, SonarQube, Burp Suite, etc.
  • Experience integrating with enterprise IAM and zero trust architectures.
  • Familiarity with agile and DevSecOps methodologies.
  • Contributions to open-source security projects or developer communities.

WORK MODEL:

This role is Together@TKWW-eligible and based near one of our office hubs. You’ll be expected to work in the office two days a week as part of our hybrid work model.

#professional-track

At The Knot Worldwide, we believe you are more than a resume and invite you to go for it, take the leap of faith, and apply for this job. Together, we have an incredible opportunity to make it even easier for our customers to plan life’s most meaningful moments and for our small business owners to grow and scale. We would love to have you with us on our journey.

WHAT WE LOVE ABOUT YOU:

  • Commit to our customers: You act as one team on behalf of our customers. You lead with head and heart, and build what matters for life's most meaningful moments.
  • Raise the bar: You define "great" and work backwards. You don't just accept how it's been done, but boldly define how it should be. You are unafraid to innovate, learn, and keep moving forward toward our shared vision.
  • Be all in: You believe in our mission and take ownership of your work. You debate openly to reach the best outcomes, speaking with clarity and care, embracing diverse perspectives, then commit fully.
  • Celebrate impact: You measure success by the outcomes you create. You hold yourself accountable to delivering value, while recognizing progress and the lessons learned along the way. You love to win, together.

WHAT YOU LOVE ABOUT US:

We believe in a wide range of holistic offerings to support our employees so that they can live our values day in and day out. From mental wellbeing, physical health and financial planning, to engaging perks and discounts, we are in the business of celebrating and supporting the Moments that Matter, both in and out of the office. We offer flexible vacation, generous parental leave, and prioritize initiatives that support the growth, development, and happiness of our people.

Together@TKWW is our approach to hybrid work. It’s designed to support how we work best: combining the flexibility we value with meaningful opportunities to connect in person. Whether a role is Together@TKWW-eligible or not, we believe in purposeful moments to come together, build strong relationships, and drive bold ideas forward.
  • For Together@TKWW-eligible roles, this includes regular in-office time to foster collaboration and connection.
  • For roles not eligible for in-office expectations, we support connection through virtual collaboration and intentional gatherings.

To facilitate in-person collaboration, we have office spaces in Barcelona, Spain; Delhi, India; Galway, Ireland; London, England; New York, NY; and Washington, D.C.

US Notice: The Knot Worldwide provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, or disability. In addition to federal law requirements, The Knot Worldwide complies with applicable state and local laws governing nondiscrimination in employment in every location in which the company has facilities. The Knot Worldwide expressly prohibits any form of workplace harassment based on race, color, religion, gender, sexual orientation, gender identity or expression, national origin, age, genetic information, disability, or veteran status.

Privacy Notice: The Knot Worldwide (TKWW) processes your personal data to evaluate your application, based on the legal ground of taking steps prior to entering into a potential employment contract. Only the data strictly necessary for this purpose is collected. In some cases, your data may also be processed based on TKWW’s legitimate interests (e.g., to improve recruitment practices or manage candidate pools), to which you can object at any time. You have the right to access, rectify, or delete your data, and to object to certain uses. To learn more about your rights, please consult our Privacy Policy. If you wish to file a complaint, you may contact the competent data protection authority.