Design and implement security features, libraries and automation that integrate into our software delivery lifecycle.
Combine hands-on secure coding with collaboration across application, platform and security teams to reduce risk, improve runtime protection and embed security earlier in development.
Work closely with developers, platform engineers and security colleagues to deliver production-ready, secure software and to continuously improve tooling, processes and developer experience.
Develop and integrate security automation and developer tooling into CI/CD pipelines to support shift-left security, automated scanning and feedback loops.
Build runtime defence capabilities such as input validation, secure authentication/authorisation flows, secrets handling, and secure configuration management.
Author and maintain static and dynamic analysis integrations, custom rules or detectors, and remediation guidance to reduce vulnerability introduction and speed up fixes.
Collaborate with application teams to threat-model, define security controls and ensure secure implementation of features across the development lifecycle.
Implement logging, telemetry and alerting for security-related events and provide actionable context to support incident detection and response.
Participate in vulnerability triage, root cause analysis and coordinated remediation; contribute to post-incident reviews and preventative measures.
Produce clear developer-focused documentation, secure coding guidelines and runbooks to improve team capability and promote consistent practices.
Requirements
Bachelor’s degree in Computer Science, Engineering or a related discipline, or equivalent practical experience.
Proven experience (typically 3–7 years) in software development with a focus on security, secure design or security engineering within cloud-native environments.
Strong programming skills in one or more languages commonly used for backend and tooling (e.g., Python, Go, Java, C#) and experience producing well-tested, maintainable code.
Experience integrating security tooling (SAST, DAST, SCA, dependency scanning) into CI/CD pipelines and developing custom checks or rules.
Solid understanding of authentication and authorisation standards (OAuth2, OpenID Connect, JWT), secrets management, cryptography basics and secure session handling.
Familiarity with container and orchestration environments (Docker, Kubernetes) and practical experience implementing runtime security controls and image hardening.
Experience with cloud platforms (AWS, Azure or GCP) and applying platform security best practices (IAM, network controls, KMS, secrets stores).
Good knowledge of secure development lifecycle concepts, threat modelling, and common vulnerability classes (OWASP Top Ten, SANS CWE).
Excellent communication skills with the ability to explain security concepts to developers and stakeholders and to produce clear technical documentation.
Tech Stack
AWS
Azure
Cloud
Docker
Google Cloud Platform
Java
Kubernetes
Python
Go
Benefits
Competitive base salary with performance-related bonus and incentives linked to technical and delivery outcomes.
Flexible working arrangements, including hybrid options to support a healthy work–life balance.
Supportive and inclusive culture with investment in professional development, training, and mentorship opportunities.
Opportunity to influence security strategy, adopt emerging defensive technologies and progress into senior technical or security leadership roles.
Work on high-impact security and software engineering engagements across public sector and commercial clients.