Job Title: Sr. Software Engineer (Full Stack + DevSecOps Platform Engineer)
Location: Irving, TX
Duration: Long-term
Description:
Looking for an ideal candidate who can code, build pipelines, integrate scanners, understand SBOM/CBOM findings, troubleshoot AWS and production issues, and design safe AI-assisted remediation workflows.
Key Responsibilities:
· Design and build a centralized platform for SBOM and CBOM inventory.
· Scan applications, repositories, containers, dependencies, certificates, keys, crypto algorithms, TLS/HTTPS configurations, secrets, and runtime components.
· Build and integrate Jenkins/GitLab CI/CD pipelines for SBOM, CBOM, vulnerability, container, code, and crypto policy scans.
· Identify vulnerable dependencies, CVEs, weak cryptography, expired certificates, insecure TLS versions, hardcoded secrets, and non-compliant libraries.
· Build dashboards and reports for application inventory, vulnerability posture, crypto posture, remediation status, and SLA tracking.
· Integrate security tools such as Syft, Grype, CycloneDX, JFrog Xray, Sonatype, Checkmarx, Fortify, Veracode, or similar tools.
· Build AI-assisted remediation workflows using Claude or similar AI coding agents.
· Automate safe fixes such as dependency upgrades, base image updates, configuration changes, and pull request creation.
· Ensure all remediations go through build, test, scan, approval, audit, and rollback workflows before merge or deployment.
· Work closely with application, security, DevOps, and platform teams.
Required Skills:
· 8+ years of software engineering experience.
· 3+ years of DevOps, DevSecOps, platform engineering, or security automation experience.
· Strong Java/Spring Boot background.
· Hands-on CI/CD and cloud experience.
· Practical experience with security scanning and vulnerability remediation.
· Strong communication skills and ability to work across security, platform, DevOps, and application teams.
· Strong hands-on backend development experience with Java/Spring Boot.
· Experience with at least one additional language such as Node.js, Python, or Go.
· Experience building REST APIs, microservices, batch jobs, and platform integrations.
· Hands-on experience with Jenkins and/or GitLab CI/CD.
· Strong understanding of SBOM, dependency scanning, transitive dependencies, CVEs, and container image scanning.
· Good understanding of CBOM and crypto inventory, including TLS/HTTPS, certificates, keys, cipher suites, encryption algorithms, hashing algorithms, signing algorithms, keystores/truststores, and secrets management.
· Ability to identify weak crypto such as MD5, SHA-1, DES/3DES, RC4, RSA-1024, TLS 1.0/TLS 1.1, and disabled certificate validation.
· Hands-on AWS experience with services such as Lambda, API Gateway, S3, DynamoDB, IAM, ECS/EKS, CloudWatch, X-Ray, Secrets Manager, and KMS.
· Experience with monitoring and troubleshooting tools such as Splunk, ELK/Kibana, CloudWatch, and X-Ray.
· Strong troubleshooting skills across application, pipeline, cloud, and security issues.
AI Auto-Remediation Expectations:
The candidate should understand how to use Claude or similar AI tools in a controlled engineering workflow, including:
· Vulnerability finding ingestion
· Code and dependency analysis
· Impact assessment
· Branch creation
· Code/config updates
· Test execution
· SBOM/CBOM regeneration
· Pull request creation
· Human approval for high-risk changes
· Audit and rollback controls
Preferred Skills:
· Experience building internal developer platforms or security automation platforms.
· Experience with vulnerability management and remediation workflows.
· Experience with policy engines such as OPA or custom rule engines.
· Knowledge of post-quantum cryptography readiness and crypto-agility.
· Experience with certificate lifecycle management, secrets management, and cloud security controls.
· Frontend experience with Angular or React for dashboards and reporting.