• Develop and maintain secure, high-quality Java code for tools, integrations, or product features.
• Design and implement secure CI/CD pipelines with DevSecOps practices.
• Manage containerization and orchestration using Docker and Kubernetes.
• Automate security-related tasks and processes using Python or other scripting languages.
• Collaborate with development teams to integrate security controls and static/dynamic analysis tools into CI/CD workflows.
• Implement and manage product security tools (e.g., SAST, DAST, SCA, container scanning).
• Advocate for security best practices across engineering teams through training, documentation, and tooling.
• Monitor the security landscape for new vulnerabilities, tools and threats relevant to our tech stack.

Required Qualifications
• 3+ years of experience in software engineering or product security engineering.
• Strong proficiency in Java and experience developing secure applications.
• Hands-on experience with containers (Docker) and Kubernetes in production environments.
• Deep understanding of DevSecOps principles and secure SDLC.
• Proficiency in scripting languages like Python, Bash, or similar.
• Familiarity with security tools such as Fortify, JFrog, Checkmarx, Aqua, Sonatype, Blackduck etc.
• Experience with CI/CD tools (e.g., Jenkins, GitHub Actions, GitLab CI).
• Solid grasp of application and cloud security principles.
• Knowledge of cloud-based development is a plus