Principal Software Engineer – DevSecOps

2 Months ago • All levels
Devops

Job Description

Boomi is seeking a Principal Software Engineer – DevSecOps to enhance the security of their intelligent integration and automation platform. The role involves managing AWS security services like IAM, AWS Config, CloudTrail, GuardDuty, and KMS, as well as Azure security features such as Azure Active Directory, RBAC, and Azure Security Center. Responsibilities include implementing and automating infrastructure using tools like Terraform and CloudFormation, integrating security into CI/CD pipelines with Jenkins, GitLab CI/CD, or Azure DevOps, and performing vulnerability assessments using tools like Snyk. The engineer will also be responsible for monitoring, incident response, maintaining compliance with standards like ISO 27001 and SOC 2, and collaborating with development and operations teams to foster a security-aware culture. Expertise in secure coding practices, threat modeling, cloud security best practices, and container security is essential.
Must Have:
  • AWS IAM roles, policies, permissions, and security services
  • Azure Active Directory, RBAC, and Azure Security Center
  • Terraform, AWS CloudFormation, ARM templates
  • CI/CD security integration (Jenkins, GitLab CI/CD, Azure DevOps)
  • SAST/DAST automation
  • Docker, Kubernetes security
  • AWS CloudWatch, Azure Monitor, SIEM tools
  • Incident response planning and execution
  • ISO 27001, SOC 2, PCI DSS, HIPAA
  • Snyk, TruffleHog, CrowdStrike CSPM
  • Secure coding practices, OWASP Top 10
  • Threat modeling (STRIDE, DREAD)
  • OAuth 2.0, OpenID Connect, SSO
  • Container security, image scanning

Add these skills to join the top 1% applicants for this job

github
software-development-lifecycle-sdlc
gitlab
oauth
cryptography
incident-response
aws
single-sign-on
openid-connect
azure
azure-devops
terraform
cloud-security
ci-cd
docker
kubernetes
principle
bitbucket
jenkins

About Boomi and What Makes Us Special

Are you ready to work at a fast-growing company where you can make a difference? Boomi aims to make the world a better place by connecting everyone to everything, anywhere. Our award-winning, intelligent integration and automation platform helps organizations power the future of business. At Boomi, you’ll work with world-class people and industry-leading technology. We hire trailblazers with an entrepreneurial spirit who can solve challenging problems, make a real impact, and want to be part of building something big. If this sounds like a good fit for you, check out boomi.com  or visit our Boomi Careers page to learn more.

Role and Responsibilities

  • AWS Security and IAM:

    • Extensive experience in managing AWS IAM roles, policies, and permissions, ensuring adherence to the principle of least privilege.

    • Proficiency in utilizing AWS security services such as AWS Config, CloudTrail, GuardDuty, and Security Hub for continuous monitoring and compliance.

    • Hands-on experience with AWS Key Management Service (KMS) for encryption key management and data protection.

  • Azure Security and Identity Management:

    • Solid understanding of Azure Active Directory (AAD) for identity and access management across Azure resources.

    • Experience with Azure Role-Based Access Control (RBAC) to manage permissions and access to Azure services.

    • Familiarity with Azure Security Center and Azure Policy for assessing and improving the security posture of Azure environments.LinkedIn+3careers-buspatrol.icims.com+3SmartRecruiters+3

  • Infrastructure as Code (IaC) and Automation:

    • Proficient in developing and maintaining infrastructure using IaC tools such as Terraform, AWS CloudFormation, and Azure Resource Manager (ARM) templates.

    • Experience in automating security configurations and compliance checks across AWS and Azure environments.

    • Skilled in implementing and managing secrets management solutions like AWS Secrets Manager, Azure Key Vault, or HashiCorp Vault.

  • CI/CD Pipeline Security Integration:

    • Expertise in integrating security controls and checks into CI/CD pipelines using tools like Jenkins, GitLab CI/CD, Azure DevOps, or AWS CodePipeline.

    • Experience in automating static and dynamic code analysis (SAST/DAST) to identify and remediate vulnerabilities early in the development lifecycle.

    • Familiarity with containerization and orchestration tools like Docker and Kubernetes, including implementing security best practices.

  • Monitoring and Incident Response:

    • Proficient in setting up and maintaining monitoring and alerting systems using AWS CloudWatch, Azure Monitor, and third-party SIEM tools.

    • Experience in developing incident response plans and conducting regular drills to ensure preparedness for security events.

    • Skilled in conducting root cause analysis and implementing corrective actions to prevent future incidents.

  • Compliance and Governance:

    • Thorough understanding of industry standards and frameworks such as ISO 27001, SOC 2, PCI DSS, and HIPAA.

    • Experience in maintaining documentation for security policies, procedures, and compliance audits.

    • Stay updated on emerging security threats and cloud security features to proactively address potential risks.

  • Vulnerability Management:

    • Hands-on experience with vulnerability assessment tools like Snyk, TruffleHog, and CrowdStrike CSPM to identify and remediate security issues.

    • Ability to prioritize and track remediation efforts to ensure timely resolution of vulnerabilities.

  • Collaboration and Training:

    • Proven ability to work closely with development, operations, and security teams to promote a culture of security and shared responsibility.

    • Experience in providing training and guidance on secure coding practices, cloud security, and DevSecOps methodologies.

 

Technical Must-Know Concepts

  • Application Security:

    • In-depth knowledge of secure coding practices, including familiarity with OWASP Top 10 and CWE guidelines.

    • Experience integrating security into the Software Development Life Cycle (SDLC).

  • Threat Modeling:

    • Proficiency in threat modeling methodologies such as STRIDE and DREAD.

    • Ability to identify attack surfaces and develop mitigation strategies.

  • Cloud Security:

    • Expertise in AWS and Azure security best practices, including IAM, KMS, GuardDuty, and Security Center.

    • Understanding of encryption mechanisms for data at rest and in transit.

    • Experience in hardening cloud resources to prevent unauthorized access.

  • Infrastructure and CI/CD Security:

    • Knowledge of securing Infrastructure as Code (IaC) using tools like Terraform and CloudFormation.

    • Experience with secrets management and integrating security scans (SAST, SCA, DAST) into CI/CD pipelines.

  • Vulnerability Management:

    • Proficiency in using tools like Snyk, TruffleHog, and CrowdStrike CSPM for vulnerability assessment.

    • Ability to prioritize vulnerabilities based on risk and impact.

  • Authentication and Authorization Security:

    • Understanding of OAuth 2.0, OpenID Connect, and Single Sign-On (SSO) principles.

    • Experience in implementing secure authentication and authorization mechanisms.

  • Container and Kubernetes Security:

    • Knowledge of container security best practices, including image scanning and hardening.

    • Experience with Kubernetes security features like RBAC and network policies.

  • Cryptography Fundamentals:

    • Familiarity with TLS/SSL protocols, encryption standards, and key management practices.

  • Security Standards and Compliance:

    • Awareness of frameworks such as NIST, ISO 27001, SOC 2, and PCI DSS.

    • Experience in aligning security practices with compliance requirements.

  • DevSecOps Tooling:

    • Proficiency in using CI/CD tools like GitHub, GitLab, and Bitbucket, and integrating security automation into workflows.

 

Be Bold. Be You. Be Boomi. We take pride in our culture and core values and are committed to being a place where everyone can be their true, authentic self. Our team members are our most valuable resources, and we look for and encourage diversity in backgrounds, thoughts, life experiences, knowledge, and capabilities.  

All employment decisions are based on business needs, job requirements, and individual qualifications.

Boomi strives to create an inclusive and accessible environment for candidates and employees. If you need accommodation during the application or interview process, please submit a request to talent@boomi.com. This inbox is strictly for accommodations, please do not send resumes or general inquiries. 

Set alerts for more jobs like Principal Software Engineer – DevSecOps
Set alerts for new jobs by Boomi
Set alerts for new Devops jobs in India
Set alerts for new jobs in India
Set alerts for Devops (Remote) jobs

Contact Us
hello@outscal.com
Made in INDIA 💛💙