Sr. Software Engineer (Full Stack + DevSecOps Platform Engineer)

Job Title:

Sr. Software Engineer (Full Stack + DevSecOps Platform Engineer)

Location:

Irving, TX Duration:

Long-term Description:

Looking for an ideal candidate who can code, build pipelines, integrate scanners, understand

SBOM/CBOM

findings, troubleshoot AWS and production issues, and design safe AI-assisted remediation workflows.

Key Responsibilities:

• Design and build a centralized platform for SBOM and CBOM inventory.
• Scan applications, repositories, containers, dependencies, certificates, keys, crypto algorithms, TLS/HTTPS configurations, secrets, and runtime components.
• Build and integrate Jenkins/GitLab CI/CD pipelines for SBOM, CBOM, vulnerability, container, code, and crypto policy scans.
• Identify vulnerable dependencies, CVEs, weak cryptography, expired certificates, insecure TLS versions, hardcoded secrets, and non-compliant libraries.
• Build dashboards and reports for application inventory, vulnerability posture, crypto posture, remediation status, and SLA tracking.
• Integrate security tools such as Syft, Grype, CycloneDX, JFrog Xray, Sonatype, Checkmarx, Fortify, Veracode, or similar tools.
• Build AI-assisted remediation workflows using Claude or similar AI coding agents.
• Automate safe fixes such as dependency upgrades, base image updates, configuration changes, and pull request creation.
• Ensure all remediations go through build, test, scan, approval, audit, and rollback workflows before merge or deployment.
• Work closely with application, security, DevOps, and platform teams.

Required Skills:

• 8+ years of software engineering experience.
• 3+ years of DevOps, DevSecOps, platform engineering, or security automation experience.
• Strong Java/Spring Boot background.
• Hands-on CI/CD and cloud experience.
• Practical experience with security scanning and vulnerability remediation.
• Strong communication skills and ability to work across security, platform, DevOps, and application teams.
• Strong hands-on backend development experience with Java/Spring Boot.
• Experience with at least one additional language such as Node.js, Python, or Go.
• Experience building REST APIs, microservices, batch jobs, and platform integrations.
• Hands-on experience with Jenkins and/or GitLab CI/CD.
• Strong understanding of SBOM, dependency scanning, transitive dependencies, CVEs, and container image scanning.
• Good understanding of CBOM and crypto inventory, including TLS/HTTPS, Certificates, Keys, Cipher suites, Encryption algorithms, Hashing algorithms, Signing algorithms
• Keystores/truststores, Secrets management
• Ability to identify weak crypto such as

MD5, SHA-1, DES/3DES, RC4, RSA-1024, TLS 1.0/TLS

1.1, and disabled certificate validation.

• Hands-on AWS experience with services such as, Lambda, API Gateway, S3, DynamoDB, IAM, ECS/EKS, CloudWatch, X-Ray, Secrets Manager, KMS
• Experience with monitoring and troubleshooting tools such as Splunk, ELK/Kibana, CloudWatch, and X-Ray.
• Strong troubleshooting skills across application, pipeline, cloud, and security issues.

AI Auto-Remediation Expectations:

The candidate should understand how to use Claude or similar AI tools in a controlled engineering workflow, including:

• Vulnerability finding ingestion
• Code and dependency analysis
• Impact assessment
• Branch creation
• Code/config updates
• Test execution

SBOM/CBOM

regeneration

• Pull request creation
• Human approval for high-risk changes
• Audit and rollback controls

Preferred Skills:

• Experience building internal developer platforms or security automation platforms.
• Experience with vulnerability management and remediation workflows.
• Experience with policy engines such as OPA or custom rule engines.
• Knowledge of post-quantum cryptography readiness and crypto-agility.
• Experience with certificate lifecycle management, secrets management, and cloud security controls.
• Frontend experience with Angular or React for dashboards and reporting.