Job Closed
This listing is no longer active.
The leading provider of enterprise open source solutions.
Senior Software Engineer – OpenShift Infrastructure, Security Compliance
Location
Italy
Posted
71 days ago
Salary
0
Seniority
Senior
Job Description
Senior Software Engineer – OpenShift Infrastructure, Security Compliance
Red Hat
• Develop tooling to generate and automate regulatory benchmark guidance • AI driven tooling (MCP servers/toolsets) that integrates with IDEs (Claude Code/Cursor) • Understanding Compliance Operator resources, like CustomRules and Profiles • Implementing checks using multiple scanning technologies, like OpenSCAP and CEL expressions • Developing and maintaining operators that improve OpenShift security posture • Contribute to industry benchmark regulatory bodies where applicable (CIS)
Job Requirements
- Have an understanding of security and hardening techniques for container management (e.g., Security Context Constraints, Validation Admission Policies, RBAC)
- Have an understanding of Machine Configs, SCCs and RHCOS (operating systems optimized for running containers)
- Have an understanding of Concept of operators within the Kubernetes ecosystem, and how they function and OLM (Red Hat’s package manager for operators)
- Fluent in git
- Experience developing and maintaining projects in Golang and/or Python
- Project management experience and tracking with task tracking tools (e.g., Jira)
- Compliance Scanning workflows with various tools like Remediate, Rescan or Repeat
- Familiarity with specific regulatory bodies and their benchmarks (CIS, PCI, DISA, NIST, etc.)
- Familiar with Cursor and/or Claude Code - since we’re looking to lean heavily on AI tools to help with the profiles
- Experience with GitOps-based workflows or Tekton pipelines
Benefits
- Health insurance
- Flexible working hours
- Professional development opportunities
Related Guides
Related Categories
Related Job Pages
More Security Engineer Jobs
• Designing and implementing controls that support security invariants and enforce our security principles while providing a surprisingly great user experience • Providing a migration path for newly acquired companies onto the Stripe Secure Platform, embedding with their engineers and biasing for action • CI tooling for platform-related configuration: IAM roles, SCPs, and associated components • Guardrails and security controls for both commonly used and newer cloud technologies • Expanding our cloud identity infrastructure to provide paved paths for AI and agentic access • Automation tooling for continually driving down permissions and access across our cloud services
Senior Cybersecurity Engineer
DexcomDexcom is on a mission to transform diabetes management and treatment by providing quality continuous glucose monitoring, or CGM, technology to help healthcare
• You will be task to perform scripting, and automation works relating to Information Security. • You will conduct security assessments of new tools, applications, and systems. • You will process and manage requests for various security services such as URL Filtering, Privilege Account Management, DLP, Firewall Rule Review. • You will support or lead the design and deploy security infrastructure such as DLP, SWG, UBA, EDR, SIEM, MDM, NAC, etc. • You will support or lead security infrastructure projects and manage security infrastructure. • You will provide security consulting and influence adoption of security best practices. • You may, if needed, support activities of third-party penetration testing, vulnerabilities assessments and drive remediation activity. • You may, if needed, support incident response and threat containment. • You may support information security and data privacy compliance audits and associated activities.
Role Description This role contributes to Starbucks’ success by operating within the Security Operations Center (SOC) to detect, investigate, and respond to cybersecurity threats across the enterprise. You will leverage SIEM and SOAR platforms to perform advanced log analysis, validate alert fidelity, and continuously assess the operational health and coverage of Starbucks’ security tooling. You will design, build, and tune detections within the SIEM, translating real world adversary behaviors and MITRE ATT&CK aligned TTPs into high confidence, actionable alerts. This includes authoring and maintaining detection logic (e.g., KQL, SPL, or equivalent), reducing false positives and closing visibility gaps. The role also focuses on maturing automation through SOAR by developing playbooks that standardize and accelerate investigation, enrichment, containment, and response workflows. You will integrate SOAR with security and IT platforms to automate repeatable actions. The ideal candidate demonstrates strong analytical problem solving skills, clear technical communication, and deep expertise in modern attack techniques, logging architectures, and SOC operations. A proven, hands on track record of advancing detection engineering, SIEM/SOAR effectiveness, and incident response capabilities in highly targeted, large scale environments is essential. Success in this role is defined by measurable contributions to a world class SOC and cybersecurity program that proactively detects threats, rapidly contains incidents, and drives consistent, effective resolution across all cybersecurity events. As a cybersecurity engineer senior, threat detection and response, you will: - Identify, evaluate, and appropriately address alerts and incidents - Develop detections based on the MITRE ATT&CK Framework - Proactively identify emerging threats and conduct threat hunting for undetected activity within the environment - Assess alerts to establish their legitimacy, and urgency - Adhere to SOC playbooks and standard operating procedures (SOPs) to promote consistency in triage and decision-making - Conduct a thorough review and audit of existing logging systems to identify any gaps in detection capabilities - Review threat intel reports and feeds, making recommendations for profile or toolset changes based on reviews - Perform in-depth investigations on Windows, Linux, and MacOS hosts - Create stories to enhance the SOAR environment for engineers - Enhance SOC processes with feedback and operational insights - Serve as both a mentor and an escalation point for SOC engineers - Tune security tool configuration to minimize false positives - Work closely with security leaders, engineers, and compliance teams to implement effective security plans - Serve as a subject matter expert for security tools, applications, and processes Qualifications - 5+ years of experience working in an information technology discipline - 4+ years of security operations experience - 2+ years of detection engineering experience - 2+ years of Threat hunting experience - Deep technical understanding of modern Cybersecurity threats - Understanding of the MITRE ATT&CK framework and the ability to create detections based on analysis of attacker tools & techniques using this framework - Proficient in programming with at least one modern language such as Python, Powershell, C#, Ruby, or Java - Experience with the following technologies: SIEMs, WAFs, IDS/IPS, EPP, EDR, FIM, DLP, Cloud Security, Container Security - Basic understanding of compliance and regulatory requirements such as SOX and PCI - Ability to balance multiple priorities and meet deadlines - Excellent problem-solving abilities - Passionate about cybersecurity and self-driven to become an expert Preferred Qualifications - Demonstrated expertise in at least two technologies, such as SIEMs, WAFs, IDS/IPS, EPP, EDR, FIM, DLP, Cloud Security, or Container Security - Skilled in at least two focus areas, including Phishing, Data Loss Prevention (DLP), Compliance, Networking, Digital Forensics, Big Data, Threat Intelligence, Operating Systems, or Reverse Engineering - Actively supports the cybersecurity community by teaching or contributing code - Holds certifications like CISSP, SSCP, GCIH, or other credentials emphasizing cybersecurity Benefits - Access to medical, dental, vision, basic and supplemental life insurance, and other voluntary insurance benefits - Short-term and long-term disability - Paid parental leave - Family expansion reimbursement - Paid vacation from date of hire - Sick time (accrued at 1 hour for every 25 hours worked) - Eight paid holidays and two personal days per year - Participation in a 401(k) retirement plan with employer match - Discounted company stock program (S.I.P.) - Starbucks equity program (Bean Stock) - Incentivized emergency savings and financial well-being tools - 100% upfront tuition coverage for a first-time bachelor’s degree through Arizona State University’s online program - Student loan management resources and access to other educational opportunities - Access to backup care and DACA reimbursement
Senior Cloud Security Engineer – FedRamp
ZimperiumThe leader in enterprise mobile endpoint protection and mobile app protection for Android, iOS and Chromebooks threats
• Design, implement, and manage security best practices and controls for services hosted across AWS, Azure, GCP, and OCI environments. • Act as the subject matter expert for security automation, leveraging CloudFormation and/or Terraform to deploy secure infrastructure consistently and at scale. • Implement and enforce rigorous security configuration benchmarks, specifically CIS Level 2 and DISA STIGs, across all compute environments, including various flavors of Linux and Kubernetes clusters. • Configure, manage, and optimize cloud-native and third-party security tools such as Palo Alto Prisma Cloud, Orca, Google SecOps, and Palo Alto Next Generation Firewalls. • Deploy and manage Web Application Firewalls (WAFs), including F5 and other cloud-native WAF solutions, to protect critical applications. • Integrate security testing tools (SAST, DAST, SCA) into CI/CD pipelines to enable "shift-left" security practices. • Design and maintain solutions for the secure storage and rotation of credentials, API keys, and secrets using tools like HashiCorp Vault or equivalent cloud-native services. • Conduct threat modeling and perform security reviews for new applications and services to proactively identify and mitigate risks in the design phase. • Participate in a rotating on-call schedule to address security incidents and operational issues promptly. • Support internal and external audits by generating evidence, writing detailed reports, and delivering clear, concise technical presentations to leadership. • Operate with minimal oversight, taking the initiative to identify and suggest security improvements and drive projects to completion.



