Senior Software Security Engineer

Role Overview: As a Senior Software Security Engineer at FICO, you will play a crucial role in shaping the next generation security for FICO's Platform. You will work on addressing cutting-edge security challenges in highly automated, complex, cloud, and microservices-driven environments. Your responsibilities will include designing security features and functionality for the FICO platform and its AI/ML capabilities. Key Responsibilities: - Secure the design of the next-generation FICO Platform, its capabilities, and services. - Provide full-stack security architecture design from cloud infrastructure to application features for FICO customers. - Collaborate with product managers, architects, and developers to implement security controls within products. - Develop and maintain Kyverno policies for enforcing security controls in Kubernetes environments. - Collaborate with platform, DevOps, and application teams to define and implement policy-as-code best practices. - Contribute to automation efforts for policy deployment, validation, and reporting. - Stay updated with emerging threats, Kubernetes security features, and cloud-native security tools. - Define required controls and capabilities for the protection of FICO products and environments. - Build and validate declarative threat models in a continuous and automated manner. - Prepare the product for compliance attestations and ensure adherence to best security practices. Qualifications Required: - 10+ years of experience in architecture, security reviews, and requirement definition for complex product environments. - Strong knowledge and hands-on experience with Kyverno and OPA/Gatekeeper (optional but a plus). - Familiarity with industry regulations, frameworks, and practices such as PCI, ISO 27001, NIST, etc. - Experience in threat modeling, code reviews, security testing, vulnerability detection, attacker exploit techniques, and methods for their remediation. - Hands-on experience with programming languages like Java, Python, etc. - Experience in deploying services and securing cloud environments, preferably AWS. - Experience deploying and securing containers, container orchestration, and mesh technologies like EKS, K8S, ISTIO. - Experience with Crossplane to manage cloud infrastructure declaratively via Kubernetes. - Certifications in Kubernetes or cloud security (e.g., CKA, CKAD, CISSP) are desirable. - Proficiency with CI/CD tools like GitHub Actions, GitLab CI, Jenkins, Crossplane. - Independently drive transformational security projects across teams and organizations. - Experience with securing event streaming platforms like Kafka or Pulsar. - Experience with ML/AI model security and adversarial techniques within the analytics domains. - Hands-on experience with IaC (such as Terraform, Cloudformation, Helm) and with CI/CD pipelines (such as Github, Jenkins, JFrog).,