Job Closed
This listing is no longer active.
At Cloudera, we believe that data can make what is impossible today, possible tomorrow.
Senior Staff Software Engineer, Product Security
Location
India
Posted
72 days ago
Salary
0
Seniority
Senior
Job Description
Senior Staff Software Engineer, Product Security
Cloudera
• Architect, Design, develop, and maintain advanced build tooling to accelerate the remediation of vulnerabilities across engineering pillars. • Lead Proof of Concepts (POCs) for security initiatives and evaluate third-party tools to increase developer velocity while enhancing our security posture. • Architect, Design, Develop Security Feature initiatives such as FIPs, TLS/Encryption, Secrets rotation, Identity & Access Management, Certificate Management. • Help find root causes and triage complex product-related stability issues related to security. • Build tooling around Security initiatives such as encryption inventory and other tools to gauge security standards of feature delivery. • Author comprehensive design documents and test plans for cross-component security features, positively affecting change even in the face of ambiguity. • Mentor lower-level team members and contribute to the growth of the team’s technical expertise through code reviews and documentation. • Collaborate across organizational lines, interacting with internal stakeholders and senior management to resolve customer escalations and meet long-term objectives.
Job Requirements
- B.S. or B.A. in Computer Science / related field or equivalent experience.
- 15+ years of experience.
- Deep technical expertise in containerized environments, specifically Kubernetes (EKS) and Docker.
- Strong proficiency in general-purpose programming and scripting languages like Python, Go, Java, and Bash.
- Strong proficiency in Systems design & architecture.
- Proven experience with Infrastructure-as-Code (IaC) tools such as Terraform and Helm to automate secure infrastructure rollouts.
- Experience automating CI/CD processes using platforms like GitLab CI/CD, Jenkins, or GitHub Actions.
- Effective analytical and problem-solving skills, with the ability to root cause site outages or P1 escalations.
- Training or Certifications in Networking security/configuration Cloud Security, Infrastructure as a Service.
Benefits
- Generous PTO Policy
- Support work life balance with Unplugged Days
- Flexible WFH Policy
- Mental & Physical Wellness programs
- Phone and Internet Reimbursement program
- Access to Continued Career Development
- Comprehensive Benefits and Competitive Packages
- Paid Volunteer Time
- Employee Resource Groups
Related Guides
Related Categories
Related Job Pages
More Security Engineer Jobs
Information Security Coordinator
JuvoWe unlock economic opportunities and promote financial inclusion for 68% of adults in the world with no credit history.
• Define and maintain the information security roadmap aligned with business objectives and required market updates; • Develop and periodically review the security plan, prioritizing initiatives based on risk analysis; • Propose investments in tools, processes, and training, justifying them with cost-benefit and risk analyses; • Present executive reports on security maturity and posture to leadership. • Structure and operate the monitoring, detection, and incident response process; • Analyze security logs and events to identify potential threats; • Conduct incident investigations and coordinate containment and remediation actions; • Develop and maintain playbooks and runbooks for incident handling. • Perform and coordinate vulnerability assessments on systems, applications, and infrastructure; • Conduct or oversee penetration tests (pentests) and security audits; • Keep the risk matrix up to date and propose mitigation plans; • Define and monitor security KPIs and metrics. • Implement, configure, and manage security tools (SIEM, EDR, DLP, WAF, IDS/IPS, SOAR); • Evaluate and recommend new security technologies and solutions; • Automate security processes whenever possible to improve operational efficiency. • Manage third-party SOC providers and security services; • Define SLAs, track deliveries, and ensure the quality of contracted services; • Coordinate phishing tests and pentests conducted by external partners. • Develop, review, and implement information security policies, standards, and procedures (LGPD, ISO 27001/27002, PCI DSS); • Serve as the security focal point with development, infrastructure, and compliance teams; • Ensure compliance with regulations and standards in the financial sector. • Act as the security liaison for vendor and client requests. • Plan and execute security awareness programs; • Promote training and educational campaigns for employees; • Foster a security culture across the organization. • Monitor trends, emerging threats, and market best practices; • Propose and lead continuous improvement initiatives to enhance security posture; • Participate in cybersecurity communities and events for networking and professional development.
Role Description DAS Health is seeking a Cybersecurity Operations Manager to lead and support our cybersecurity team, overseeing day-to-day operations, client service delivery, and compliance initiatives. This fully remote role blends leadership with hands-on technical expertise, ensuring strong security controls, proactive threat management, and adherence to regulatory requirements across both internal and client environments. Key Responsibilities - Leadership and Team Oversight: - Lead, mentor, and support the cybersecurity team’s daily operations - Provide escalation support and guidance across security incidents and initiatives - Establish and track KPIs to measure performance, efficiency, and service delivery - Collaborate with IT, Cloud Services, and Compliance teams to align security practices - Client-Facing Cybersecurity Services: - Oversee delivery of managed cybersecurity services across client environments - Ensure timely response to alerts, incidents, and escalations - Conduct risk assessments, security reviews, and compliance evaluations (HIPAA, SOC 2, HITRUST) - Support onboarding of new clients into cybersecurity services - Deliver both technical and executive-level reporting on security posture - Hands-On Technical Execution: - Participate in incident detection, investigation, and remediation - Perform vulnerability assessments, log analysis, and forensic investigations - Support and optimize SIEM, EDR, and related tools - Assist with securing Microsoft 365, Azure, and cloud-based environments - Governance, Risk, and Compliance: - Maintain compliance with healthcare security frameworks including HIPAA, HITRUST, NIST CSF, and SOC 2 - Develop and maintain policies, procedures, and security documentation - Support internal and external audits and remediation efforts - Process Improvement and Optimization: - Evaluate and improve existing security workflows and processes - Identify automation opportunities to increase efficiency - Develop dashboards and reporting metrics for performance tracking - Training and Awareness: - Mentor and develop cybersecurity team members - Support internal and client-facing security awareness initiatives - Lead tabletop exercises and post-incident reviews Qualifications - Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or related field - 5–8+ years of cybersecurity operations experience - 2–3+ years of leadership experience within cybersecurity operations - Strong experience with SIEM, EDR, DLP, and vulnerability management tools - Experience securing Microsoft 365, Azure, and cloud environments - Knowledge of healthcare security frameworks (HIPAA, HITECH, HITRUST, NIST, SOC 2) - Hands-on experience with incident response and forensic analysis - Experience working with MSSPs and third-party vendors - Scripting or automation experience (PowerShell, Python) is a plus Preferred Certifications - CISSP - CISM - HCISPP - GCIH - CEH - or equivalent Benefits - Fully remote work environment with a collaborative, team-driven culture - Opportunity to lead and shape cybersecurity operations in a growing healthcare IT organization - Exposure to diverse client environments and leading security technologies - Career growth and leadership development opportunities
Information Security Specialist, Advanced English
CapcoCapco, a Wipro company, is a management & technology consultancy dedicated to the financial services & energy industries
• Manage and administer corporate endpoint security solutions, ensuring that tools are deployed, configured, monitored, and operating effectively. • Administer and enhance endpoint security policies, rules, and standards across global environments. • Support and troubleshoot endpoint agent installations and failures, including escalation to vendors when necessary. • Provide escalation support to junior administrators and operational teams. • Work closely with SOC, Vulnerability Management, Infrastructure, and Desktop Support teams to manage incidents and drive remediation. • Support the investigation and resolution of endpoint security incidents, including DLP, malware, and policy violations. • Collaborate with the SIEM team to ensure that alerts, vulnerabilities, and endpoint-related trends are properly analyzed. • Diagnose and resolve complex issues on endpoints, servers, software, and communication devices. • Ensure that identified issues, risks, and non-conformities are reported, tracked, and remediated effectively. • Develop and deliver weekly, monthly, quarterly, and annual security reports. • Support audits, penetration testing, and remediation follow-up. • Maintain clear and accurate documentation for tools, automation, and processes. • Collaborate with vendors, internal stakeholders, and end users to gather requirements and improve solutions.
• Implement “Security by Design” within agile software development and cloud-native environments • Act as a Subject Matter Experts (SMEs), mentoring, coaching, and supporting all security engineering efforts across the organization • Define, organize, and implement application security policy, process, standards, and guidelines • Helping engineering teams design and build high-performing, secure applications by mitigating security issues in a risk-based manner • Define, document, and champion processes and practices for a secure Software Development Life Cycle (SDLC) • Be a driving force in establishing a strong security culture within platform engineering teams • Lead Threat Modeling as a core principle for the Secure by Design strategy • Conduct Secure Code and Architecture Design Reviews, including threat modeling and technology/risk-based assessments • Automate application security testing and controls, integrating them directly into the CI/CD pipelines • Responsible for the deployment, operation, and tuning of security tools (SAST, DAST, IAST, and CSPM) • Partner with engineering to effectively prioritize and remediate identified vulnerabilities • Manage tools for Software Composition Analysis (SCA) to ensure supply chain security




