Software Development Principal Engineer

10 - 18 years

30 - 45 Lacs

Posted: 1 hour ago | Platform: Naukri


Work Mode

Hybrid

Job Type

Full Time

Job Description

We are looking for a Principal Engineer to lead Security and Cloud Engineering efforts for our enterprise Java product with both On-Prem and SaaS deployments. This is a hands-on leadership role driving secure SDLC practices, DevSecOps automation, container security, and platform hardening. You will work closely with engineering, DevOps, QA, and compliance teams to protect the product and infrastructure from vulnerabilities and ensure compliance.

Responsibilities

  • Application & Infrastructure Security

- Lead secure coding practices and integrate SAST, DAST, Penetration Testing, and vulnerability scanning into the development lifecycle.

- Analyze and remediate findings from tools like SpotBugs, Polaris Synopsys, Acunetix, and custom security assessments.

  • Threat Modeling & Risk Mitigation

- Perform threat modeling and assess security risks, including SQL injection, XSS, CSRF, and privilege escalation.

- Guide teams on secure implementation patterns and anti-patterns.

  • Cloud & Container Security

- Harden Docker, Kubernetes, and SaaS infrastructure for multi-tenant, secure-by-design deployments.

- Implement policies for image scanning, secrets management, network segmentation, and runtime security.

  • Security Automation & DevSecOps

- Automate security checks in CI/CD pipelines using tools like GitLab CI, Jenkins, SonarQube, etc.

- Promote Infrastructure as Code (IaC) security and integrate tools for Terraform/Helm validations.

  • Governance & Compliance

- Define and enforce security standards aligned with OWASP, CIS Benchmarks, and industry best practices.

- Maintain documentation and assist with security audits and compliance requirements.

  • Mentoring & Collaboration

- Mentor engineers on secure design, coding, and deployment practices.

- Collaborate with product owners and engineering managers to drive secure feature development.

Qualifications

Required Qualifications

  • 12+ years of experience in application security, DevSecOps, or cloud security within enterprise Java environments.

  • Strong knowledge of penetration testing, static/dynamic analysis, and tools like SpotBugs, Polaris, Acunetix, OWASP ZAP, etc.
  • Expertise in secure coding, vulnerability assessment, and remediating common issues like SQL injection, XSS, and insecure deserialization.
  • Hands-on experience with Docker, Kubernetes, Helm, and cloud-native security tooling.
  • Familiarity with SaaS security concerns: multi-tenancy, access isolation, data encryption, and secure APIs.
  • Experience integrating security into CI/CD pipelines and using GitOps principles.

Preferred Qualifications

  • Certifications such as OSCP, CEH, CISSP, or CKS (Certified Kubernetes Security Specialist).
  • Prior experience with security automation, policy-as-code, or container scanning platforms (e.g., Trivy, Aqua, Prisma).
  • Knowledge of threat modeling frameworks (e.g., STRIDE) and secure architecture principles.
  • Exposure to Gen AI tools for secure code analysis, vulnerability triaging, or automated documentation.

What We Offer

  • Opportunity to influence product direction and architecture.
  • A collaborative and learning-focused environment.
  • Access to modern tools and Gen AI platforms.
  • Competitive salary and performance bonus
  • Health insurance
  • Hybrid work model

QSFT

Software Testing / Quality Assurance
