Senior Staff Software Engineer- Production Security

Overview

Engineering

Seniority Level:

Mid-Senior level

Job Description:

At Cloudera, we empower people to transform complex data into clear and actionable insights. With as much data under management as the hyperscalers, we're the preferred data partner for the top companies in almost every industry. Powered by the relentless innovation of the open source community, Cloudera advances digital transformation for the world’s largest enterprises.

At Cloudera, the Product Security group is dedicated to ensuring our platforms are secure by design and compliant with the most rigorous industry and government standards. We are seeking a highly motivated and experienced Level 5 Individual Contributor to join our Product Security Engineering (Security Features) team. In this role, you will be a "go-to" technical expert and the connective tissue between Security, Product, and Engineering teams, translating complex security requirements into actionable, automated engineering solutions.

As a senior technical member of the team, you will exercise considerable latitude in determining technical objectives and defining approaches to complex issues. You will serve as a technical lead for security-driven initiatives, leveraging a deep understanding of technical architecture and underlying platforms to drive high-impact solutions for our products.

As a Senior Staff Software Engineer, you will:

• Architect, Design, develop, and maintain advanced build tooling to accelerate the remediation of vulnerabilities across engineering pillars.
• Lead Proof of Concepts (POCs) for security initiatives and evaluate third-party tools to increase developer velocity while enhancing our security posture.
• Architect, Design, Develop Security Feature initiatives such as FIPs, TLS/Encryption, Secrets rotation, Identity & Access Management, Certificate Management.
• Help find root causes and triage complex product-related stability issues related to security.
• Build tooling around Security initiatives such as encryption inventory and other tools to gauge security standards of feature delivery
• Author comprehensive design documents and test plans for cross-component security features, positively affecting change even in the face of ambiguity.
• Mentor lower-level team members and contribute to the growth of the team’s technical expertise through code reviews and documentation.
• Collaborate across organizational lines, interacting with internal stakeholders and senior management to resolve customer escalations and meet long-term objectives.
  
  
  

We’re excited about you if you have (Required Qualifications):

• B.S. or B.A. in Computer Science / related field or equivalent experience. with 15+ years of experience. Additional experience is acceptable in lieu of a degree.
• Deep technical expertise in containerized environments, specifically Kubernetes (EKS) and Docker.
• Strong proficiency in general-purpose programming and scripting languages like Python, Go, Java, and Bash.
• Strong proficiency in Systems design & architecture
• Proven experience with Infrastructure-as-Code (IaC) tools such as Terraform and Helm to automate secure infrastructure rollouts.
• Experience automating CI/CD processes using platforms like GitLab CI/CD, Jenkins, or GitHub Actions.
• Effective analytical and problem-solving skills, with the ability to root cause site outages or P1 escalations.
• Training or Certifications in Networking security/configuration
• Cloud Security, Infrastructure as a Service
  
  
  

• Experience with Post-Quantum Cryptography is desirable for our upcoming product transition.
• Experience with FIPS, Encryption is desirable to help with transitioning to FIPS 140-3, TLS 1.3 and beyond
• Security-specific experience in CVE remediation automation and integrating SAST/DAST scanning (e.g., Trivy, Aquasec, Tenable Nessus, Fortify) into developer workflows.
• Familiarity with government compliance frameworks and standards such as FedRAMP, ISO 27001, or SOC 2.
• Knowledge of secure coding practices and common vulnerabilities (OWASP Top 10).
• Experience in Identity and Access Management (IAM) or Identity Governance platforms.
• Strong stakeholder management skills, with the ability to influence without authority in a remote, cross-functional environment.
  
  
  

• Generous PTO Policy
• Support work life balance with Unplugged Days
• Flexible WFH Policy
• Mental & Physical Wellness programs
• Phone and Internet Reimbursement program
• Access to Continued Career Development
• Comprehensive Benefits and Competitive Packages
• Paid Volunteer Time
• Employee Resource Groups
  
  
  

EEO/VEVRAA