Staff Security Engineer – Product Security
Cloudera
full-time
Posted on:
Location Type: Remote
Location: Texas • United States
Visit company websiteExplore more
Job Level
Tech Stack
About the role
- Design, develop, and deploy self-service security tools and services that constitute the internal security platform.
- Lead complex security projects, including end-to-end ownership of tool development and the creation of new security capabilities within the platform.
- Automate and integrate security controls into CI/CD pipelines (SAST, DAST, SCA, IAST, etc.) and developer workflows.
- Lead the architecture and deployment of secure multi-cloud environments (AWS, Azure, GCP) using Infrastructure as Code (e.g., Terraform, Ansible).
- Perform security architecture reviews of new products and features, develop threat models, and provide security-as-code best practices.
- Collaborate with the Site Reliability Engineering (SRE) team to embed & maintain automated monitoring and security visibility into production systems.
- Collaborate with internal security teams to support compliance, incident response, and operational security requirements.
- Develop, refine, and drive the adoption of security engineering best practices and standards across the organization.
- Evangelize the use of security platform tooling and deliver high-impact DevSecOps training and outreach to internal development & engineering teams.
- Mentor junior members of the Security team and security advocates in advanced DevSecOps principles, platform engineering, and secure coding practices.
Requirements
- Proven experience designing, developing, and deploying security tools and services (e.g., security scanners, secrets management, policy engines) used by other engineering & security teams.
- Expertise in DevSecOps principles and practical experience implementing security controls in CI/CD pipelines (e.g., Jenkins, GitLab CI, GitHub Actions).
- Deep experience with large-scale cloud security engineering in AWS, Azure, and Google Cloud, including automated network provisioning and secure configuration management.
- Experience with code review of one or more programming languages (Java, Python, Go, JS/TS).
- In-depth knowledge of Kubernetes operations, security, and using tools like Helm for deployment and policy enforcement.
- Expertise in Infrastructure as Code (IaC) & configuration management tools like Terraform, Cloudformation, or Ansible.
- Demonstrated experience with security tools and platforms, including HashiCorp Vault for secrets management, Splunk for security monitoring and analytics, and CrowdStrike or similar EDR solutions for endpoint security.
- Deep understanding of web service frameworks, distributed architectures (event-driven, microservices, serverless), and their corresponding security challenges.
- Experience performing security reviews, developing and reviewing threat models, and conducting risk assessments against complex distributed systems.
- Security certifications (CISSP, CISA, etc.) are a bonus but not required.
- Familiarity with Cloudera’s products or other distributed computing systems is a strong bonus, or a willingness to dig into our products to truly understand how they work.
Benefits
- Generous PTO Policy
- Support work life balance with Unplugged Days
- Flexible WFH Policy
- Mental & Physical Wellness programs
- Phone and Internet Reimbursement program
- Access to Continued Career Development
- Comprehensive Benefits and Competitive Packages
- Paid Volunteer Time
- Employee Resource Groups
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard Skills & Tools
security tools developmentDevSecOps principlesCI/CD pipeline security controlscloud security engineeringprogramming languages (Java, Python, Go, JS/TS)Kubernetes operationsInfrastructure as Code (IaC)security reviewsthreat modelingrisk assessments
Soft Skills
leadershipmentoringcollaborationcommunicationevangelizing best practices
Certifications
CISSPCISA