Software Dev Principal Engineer - Security & Cloud Engineering

You are a Principal Engineer responsible for leading Security and Cloud Engineering efforts for an enterprise Java product with On-Prem and SaaS deployments. Your role involves implementing secure SDLC practices, DevSecOps automation, container security, and platform hardening. Collaboration with various teams is essential to protect the product and infrastructure from vulnerabilities while ensuring compliance with industry standards. As the Principal Engineer, your key responsibilities include: - Leading secure coding practices and integrating security testing tools into the development lifecycle. - Performing threat modeling, assessing security risks, and guiding teams on secure implementation patterns. - Harden Docker, Kubernetes, and SaaS infrastructure for secure deployments. - Automating security checks in CI/CD pipelines and promoting Infrastructure as Code (IaC) security. - Defining and enforcing security standards aligned with OWASP, CIS Benchmarks, and industry best practices. - Mentoring engineers on secure design, coding, and deployment practices while collaborating with product owners and engineering managers. To qualify for this role, you must have: - 12+ years of experience in application security, DevSecOps, or cloud security in enterprise Java environments. - Strong knowledge of penetration testing, static/dynamic analysis, and security tools like SpotBugs, Polaris, Acunetix, OWASP ZAP. - Expertise in secure coding, vulnerability assessment, and remediating common issues like SQL injection, XSS, and insecure deserialization. - Hands-on experience with Docker, Kubernetes, Helm, and cloud-native security tooling. - Familiarity with SaaS security concerns such as multi-tenancy, access isolation, data encryption, and secure APIs. - Experience integrating security into CI/CD pipelines and using GitOps principles. Preferred qualifications include certifications such as OSCP, CEH, CISSP, or CKS, prior experience with security automation, and knowledge of threat modeling frameworks and secure architecture principles. In return, you will have the opportunity to influence product direction and architecture, work in a collaborative and learning-focused environment, access modern tools and Gen AI platforms, receive a competitive salary, performance bonus, and health insurance in a hybrid work model. Quest is a company known for managing, modernizing, and securing business software across various environments. At Quest, you will collaborate with dedicated professionals passionate about technology, innovate solutions for improvement, build positive and meaningful relationships, and pursue a fulfilling career with health and wellness as top priorities. Join Quest for a rewarding career where next meets now. Visit Quest Careers for more information and beware of fraudulent job offers from online scammers. Apply only through quest.com/careers using the official applicant system.,