Staff Software Engineer - Product Security

As a senior technical member of the team, you will exercise significant latitude in defining technical objectives and architectural approaches to complex challenges. Leveraging a deep understanding of distributed systems and cloud-native platforms, you will lead high-impact, security-driven initiatives across the entire Cloudera product suite.

As a Staff Software Engineer, you will:

• Architect and maintain advanced build tooling to automate and accelerate vulnerability remediation across all engineering pillars.

• Lead Proof of Concepts (POCs) and evaluate third-party security tools to enhance our security posture without compromising developer velocity.

• Design and develop core security features, including FIPS compliance, TLS/Encryption, Secrets Rotation, Identity & Access Management (IAM), and Certificate Management.

• Drive root-cause analysis and triage for complex, product-wide stability issues related to security infrastructure.

• Engineer specialized observability tools, such as encryption inventories, to audit and measure security standards during feature delivery.

• Author comprehensive design specifications and test plans for cross-component security features, providing technical clarity in the face of ambiguity.

• Elevate the team’s technical bar through high-quality code reviews, documentation standards, and active mentorship of engineering talent.

• Partner across organizational lines, collaborating with internal stakeholders and senior management to resolve customer escalations and align with long-term objectives.

We’re excited about you if you have (Required Qualifications):

• Bachelor’s degree in Computer Science or a related field (or equivalent experience) with 6+ years of professional software engineering experience.

• Deep technical expertise in containerized environments, specifically Kubernetes (EKS) and Docker.

• Strong command of general-purpose and scripting languages, including Java, Python, Go, and Bash.

• Proven experience with Infrastructure-as-Code (IaC) tools such as Terraform and Helm to automate secure infrastructure rollouts.

• Expert-level experience automating complex CI/CD pipelines using platforms such as GitLab CI/CD, Jenkins, or GitHub Actions.

• Exceptional troubleshooting skills with a track record of identifying root causes for site outages and resolving P1 escalations.

You may also have (Preferred Qualifications):

• Experience with Post-Quantum Cryptography to support upcoming product transitions.

• Practical experience with FIPS 140-3, TLS 1.3, and modern encryption standards.

• Proven ability to automate CVE remediation and integrate SAST/DAST scanning tools—such as Trivy, Aquasec, Tenable, or Fortify—into developer workflows.

• Familiarity with government compliance frameworks and industry standards including FedRAMP, ISO 27001, and SOC 2.

• Deep understanding of secure coding practices and common vulnerabilities as outlined in the OWASP Top 10.

• Experience working with Identity and Access Management (IAM) or Identity Governance platforms.

• Strong management skills with a demonstrated ability to influence cross-functional teams and drive results in a remote environment.

​This role is not eligible for immigration sponsorship