Security Engineer - Product Security

Business Area:
Engineering

Seniority Level: Mid-Senior level

Job Description:

At Cloudera, we empower people to transform complex data into clear and actionable insights. With as much data under management as the hyperscalers, we're the preferred data partner for the top companies in almost every industry. Powered by the relentless innovation of the open source community, Cloudera advances digital transformation for the world's largest enterprises.

Are you passionate about building a robust security platform that seamlessly integrates security into every phase of the software and infrastructure lifecycle? Do you want to lead the adoption of advanced Dev Sec Ops  practices, influence product design at the earliest stage, and get your hands dirty implementing sophisticated, highly automated security tooling for multi-cloud and on-prem environments? Great, we've got the position for you!

Cloudera is looking for a Staff Dev Sec Ops  Engineer with deep expertise in multi-cloud and on-prem security engineering to join a unique blended team. Bringing both security platform development knowledge and application security know-how, you and our highly collaborative team will play a crucial role in building the security platform that underpins all of Cloudera's products.

In this role, you will be a core member of our Product Security (Prod Sec) Platform team charged with engineering, deploying, maintaining, and operationalizing our internal security platform providing self-service tools to enable product teams to build and deploy securely by default. You will work as a critical part of our product security development process, driving change at the design stage through automated governance and providing consultation on how to leverage the platform's capabilities.

Our goal is to shift security left by building a mature, automated platform that reduces security toil for developers & security staff by allowing them to focus on innovation while ensuring security by design. You will be instrumental in identifying product security pain points and solving them with scalable, platform-based solutions, driving a cycle of continuous improvement across our product portfolio.

We're looking for individuals who want to redefine how security is delivered in a high-velocity engineering organization. You will have the opportunity to teach and learn from Kubernetes trailblazers and help blaze new paths for those following behind you.

• Design, develop, and deploy self-service security tools and services that constitute the internal security platform.
• Lead complex security projects, including end-to-end ownership of tool development and the creation of new security capabilities within the platform.
• Automate and integrate security controls into CI/CD pipelines (SAST, DAST, SCA, IAST, etc.) and developer workflows.
• Lead the architecture and deployment of secure multi-cloud environments (AWS, Azure, GCP) using Infrastructure as Code (e.g., Terraform, Ansible).
• Perform security architecture reviews of new products and features, develop threat models, and provide security-as-code best practices.
• Collaborate with the Site Reliability Engineering (SRE) team to embed & maintain automated monitoring and security visibility into production systems.
• Collaborate with internal security teams to support compliance, incident response, and operational security requirements.
• Develop, refine, and drive the adoption of security engineering best practices and standards across the organization.
• Evangelize the use of security platform tooling and deliver high-impact Dev Sec Ops  training and outreach to internal development & engineering teams.
• Mentor junior members of the Security team and security advocates in advanced Dev Sec Ops  principles, platform engineering, and secure coding practices.

• Proven experience designing, developing, and deploying security tools and services (e.g., security scanners, secrets management, policy engines) used by other engineering & security teams.
• Expertise in Dev Sec Ops  principles and practical experience implementing security controls in CI/CD pipelines (e.g., Jenkins, Git Lab CI, Git Hub Actions).
• Deep experience with large-scale cloud security engineering in AWS, Azure, and Google Cloud, including automated network provisioning and secure configuration management.
• Experience with code review of one or more programming languages (Java, Python, Go, JS/TS).
• In-depth knowledge of Kubernetes operations, security, and using tools like Helm for deployment and policy enforcement.
• Expertise in Infrastructure as Code (IaC) & configuration management tools like Terraform, Cloud formation, or Ansible.
• Demonstrated experience with security tools and platforms, including Hashi Corp Vault for secrets management, Splunk for security monitoring and analytics, and Crowd Strike or similar EDR solutions for endpoint security.
• Deep understanding of web service…