Principal Software Engineer - Security Architect

hands-on Security Architect

Role and Responsibilities

• Work closely with the DevSecOps team to implement security strategies and remediation plans.
• Act as the primary engineering interface for security posture, vulnerability remediation, and secure development practices.
• Perform hands-on security architecture reviews, threat modeling, secure code reviews, and secure design evaluations.
• Collaborate with engineering teams to drive adoption of security tools, frameworks, and best practices.
• Integrate security controls and checks into CI/CD pipelines and engineering workflows.
• Contribute to Project Phoenix execution and participate in other strategic security engineering initiatives.
• Identify, assess, prioritize, and drive remediation of vulnerabilities across application, cloud, and infrastructure environments.
• Mentor engineering teams to adopt security-first design and implementation principles.
• Track and respond to evolving security threats, integrating learnings into engineering processes.

Technical Must-Know Concepts

Candidates are expected to demonstrate strong expertise in the following areas:

• Application Security:

  Secure coding practices (OWASP Top 10, CWE), secure SDLC integration.

• Threat Modeling:

  STRIDE, DREAD frameworks, attack surface identification and mitigation planning.

• Cloud Security:

  AWS security best practices (IAM, KMS, GuardDuty), encryption at rest and transit, cloud resource hardening.

• Infrastructure and CI/CD Security:

  Security in IaC (Terraform, CloudFormation), secrets management, pipeline security integration (SAST, SCA, DAST, IaC scanning).

• Vulnerability Management:

  Experience with tools like Snyk, TruffleHog, CrowdStrike CSPM or similar; prioritization and remediation of vulnerabilities.

• Authentication and Authorization Security:

  OAuth 2.0, OpenID Connect, SSO security principles.

• Container and Kubernetes Security:

  Image scanning, container hardening, Kubernetes RBAC, network policies.

• Cryptography Fundamentals:

  Understanding TLS/SSL, encryption standards, key management practices.

• Security Standards and Compliance Awareness:

  Familiarity with NIST, ISO 27001, SOC 2, PCI DSS frameworks.

• DevSecOps Tooling:

  GitHub, GitLab, Bitbucket CI/CD pipelines and security automation integrations.

Be Bold. Be You. Be Boomi.

All employment decisions are based on business needs, job requirements, and individual qualifications.

Boomi strives to create an inclusive and accessible environment for candidates and employees. If you need accommodation during the application or interview process, please submit a request to [HIDDEN TEXT] . This inbox is strictly for accommodations, please do not send resumes or general inquiries.

Role:

Industry Type:

Department:

Employment Type:

Role Category:

Education

UG:

PG: