Principal Software Engineer - Security Architect
Principal Software Engineer - Security Architect
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
Job Description
About Boomi and What Makes Us Special
Are you ready to work at a fast-growing company where you can make a difference Boomi aims to make the world a better place by connecting everyone to everything anywhere. Our award-winning intelligent integration and automation platform helps organizations power the future of business. At Boomi youll work with world-class people and industry-leading technology. We hire trailblazers with an entrepreneurial spirit who can solve challenging problems make a real impact and want to be part of building something big. If this sounds like a good fit for you check out or visit ourBoomi Careers page to learn more.
Position Overview
We are seeking a hands-on Security Architect to join our engineering organization. This critical role will drive alignment between vulnerability management remediation iniatives and DevSecOps coordinate with engineering and product teams on security implementation and support strategic security initiatives. The ideal candidate will combine deep technical expertise with strong communication skills to influence and strengthen our overall security posture across the organization.
Role and Responsibilities
Work closely with the DevSecOps team to implement security strategies and remediation plans.
Act as the primary engineering interface for security posture vulnerability remediation and secure development practices.
Perform hands-on security architecture reviews threat modeling secure code reviews and secure design evaluations.
Collaborate with engineering teams to drive adoption of security tools frameworks and best practices.
Integrate security controls and checks into CI/CD pipelines and engineering workflows.
Contribute to Project Phoenix execution and participate in other strategic security engineering initiatives.
Identify assess prioritize and drive remediation of vulnerabilities across application cloud and infrastructure environments.
Mentor engineering teams to adopt security-first design and implementation principles.
Track and respond to evolving security threats integrating learnings into engineering processes.
Technical Must-Know Concepts
Candidates are expected to demonstrate strong expertise in the following areas:
Application Security: Secure coding practices (OWASP Top 10 CWE) secure SDLC integration.
Threat Modeling: STRIDE DREAD frameworks attack surface identification and mitigation planning.
Cloud Security: AWS security best practices (IAM KMS GuardDuty) encryption at rest and transit cloud resource hardening.
Infrastructure and CI/CD Security: Security in IaC (Terraform CloudFormation) secrets management pipeline security integration (SAST SCA DAST IaC scanning).
Vulnerability Management: Experience with tools like Snyk TruffleHog CrowdStrike CSPM or similar; prioritization and remediation of vulnerabilities.
Authentication and Authorization Security: OAuth 2.0 OpenID Connect SSO security principles.
Container and Kubernetes Security: Image scanning container hardening Kubernetes RBAC network policies.
Cryptography Fundamentals: Understanding TLS/SSL encryption standards key management practices.
Security Standards and Compliance Awareness: Familiarity with NIST ISO 27001 SOC 2 PCI DSS frameworks.
DevSecOps Tooling: GitHub GitLab Bitbucket CI/CD pipelines and security automation integrations.
Be Bold. Be You. Be Boomi. We take pride in our culture and core values and are committed to being a place where everyone can be their true authentic self. Our team members are our most valuable resources and we look for and encourage diversity in backgrounds thoughts life experiences knowledge and capabilities.
All employment decisions are based on business needs job requirements and individual qualifications.
Boomi strives to create an inclusive and accessible environment for candidates and employees. If you need accommodation during the application or interview process please submit a request to. This inbox is strictly for accommodations please do not send resumes or general inquiries.
Required Experience:
Staff IC
Employment Type
Full Time
