DevSecOps Platform Engineer/ SBOM/CBOM Security Automation

Role: DevSecOps Platform Engineer/ SBOM/CBOM Security Automation

Location: Location: Irving, TX

Duration: Long term

Mode of Interview: F2F

only on W2

• SBOM / CBOM Inventory, Vulnerability Scanning & AI Auto-Remediation
• We are looking for a hands-on Senior Full Stack + DevSecOps Platform Engineer to help build an internal security automation platform for SBOM/CBOM inventory, vulnerability scanning, and Claude-based auto-remediation.
• This is not a traditional full-stack developer role. The right candidate should be able to build applications, design CI/CD pipelines, integrate security scanning tools, understand cryptography inventory, and automate remediation safely.

Key Responsibilities

•                 Design and build a centralized platform for SBOM and CBOM inventory.

•                 Scan applications, repositories, containers, dependencies, certificates, keys, crypto algorithms, TLS configurations, and runtime components.

•                 Integrate SBOM/CBOM and vulnerability scanning into Jenkins/GitLab CI/CD pipelines.

•                 Identify vulnerable dependencies, CVEs, weak cryptography, expired certificates, insecure TLS versions, hardcoded secrets, and non-compliant libraries.

•                 Build automation workflows to support remediation using Claude or similar AI coding agents.

•                 Automate safe fixes such as dependency upgrades, base image updates, configuration changes, and pull request creation.

•                 Ensure all AI-assisted remediations are validated through build, test, scan, approval, and audit workflows before merge or deployment.

•                 Build dashboards and reports for application inventory, vulnerability posture, crypto posture, remediation status, and SLA tracking.

•                 Work closely with application, security, DevOps, and platform teams.

Required Skills

•                 Strong hands-on experience with Java/Spring Boot.

•                 Experience with at least one additional language such as Node.js, Python, or Go.

•                 Experience building REST APIs, microservices, batch jobs, and platform integrations.

•                 Hands-on experience with Jenkins and/or GitLab CI/CD.

•                 Strong understanding of SBOM, dependency scanning, transitive dependencies, CVEs, and container image scanning.

•                 Experience with tools such as Syft, Grype, CycloneDX, SPDX, JFrog Xray, Sonatype, Fortify, or Veracode.

•                 Good understanding of CBOM and cryptography inventory, including TLS/HTTPS, certificates, keys, cipher suites, encryption algorithms, hashing algorithms, signing algorithms, keystores, truststores, and secrets.

•                 Ability to identify weak crypto such as MD5, SHA-1, DES/3DES, RC4, RSA-1024, TLS 1.0/TLS 1.1, and disabled certificate validation.

•                 Hands-on AWS experience with services such as Lambda, API Gateway, S3, DynamoDB, IAM, ECS/EKS, CloudWatch, X-Ray, Secrets Manager, and KMS.

•                 Experience with observability tools such as Splunk, ELK/Kibana, CloudWatch, and X-Ray.

•                 Strong troubleshooting skills across application, pipeline, cloud, and security issues.

•                 The candidate should understand how to use Claude or similar AI tools in a controlled engineering workflow

Preferred Skills

•                 Experience building internal developer platforms or security automation platforms.

•                 Experience with vulnerability management and remediation workflows.

•                 Experience with policy engines such as OPA or custom rule engines.

•                 Knowledge of post-quantum cryptography readiness and crypto-agility.

•                 Experience with certificate lifecycle management, secrets management, and cloud security controls.

•                 Frontend experience with Angular or React for dashboards and reporting.

Minimum Qualifications

•                 8+ years of software engineering experience.

•                 3+ years of DevOps, DevSecOps, platform engineering, or security automation experience.

•                 Strong Java/Spring Boot background.

•                 Hands-on CI/CD and cloud experience.

•                 Practical experience with security scanning and vulnerability remediation.

•                 Strong communication skills and ability to work across security, platform, DevOps, and application teams.

Ideal Candidate

•                 The ideal candidate can code, build pipelines, integrate scanners, understand SBOM/CBOM findings, troubleshoot AWS and production issues, and design safe AI-assisted remediation workflows

Email: