Role Summary
Our client is looking for a Software Quality & Compliance Lead who will own the end-to-end quality bar across products and services. The role defines engineering standards, leads independent verification & validation, and operates the final quality/compliance gate before releases.
Key Responsibilities
- Define, maintain and enforce secure SDLC and quality policies across codebases and services.
- Lead independent V&V activities with objective evidence for acceptance.
- Conduct systematic code and design reviews (manual and tool-assisted) to prevent defects and regressions.
- Build and maintain automated quality gates in CI/CD (tests, coverage, SAST/DAST/SCA, license checks, SBOM generation).
- Drive software supply-chain hygiene (dependency governance, artefact signing, provenance, vulnerability SLAs).
- Own test strategy: plans, requirements traceability, environments, data and the full defect lifecycle (triage, fix, verify, close).
- Prepare audit-ready documentation (test reports, risk registers, CAPAs) and lead corrective/preventive actions.
- Mentor engineers; publish playbooks and checklists and run training sessions.
- Define and report KPIs (defect escape rate, MTTR for vulnerabilities, coverage, flaky-test rate, policy adherence).
- Serve as final go/no-go approver against quality and compliance criteria.
Skills, Knowledge and Expertise
Qualifications Required:
- 5 years in software quality, DevSecOps, security engineering or V&V for cloud, distributed or embedded/edge systems.
- Hands-on experience with automated testing and CI/CD quality gates.
- Proficiency with at least two of: SAST, DAST, IAST, SCA, coverage/reporting frameworks and end-to-end testing tools.
- Strong grasp of secure SDLC and modern software supply-chain practices (SBOMs, attestations, artefact signing).
- Proficiency in one or more languages (e.g. Python, TypeScript/JavaScript, Go, C/C++).
- Excellent documentation discipline and clear, concise communication.
Nice to have:
- Background in mission-critical, safety-critical or regulated environments.
- Threat modelling and risk management (e.g. STRIDE), fuzzing and runtime security.
- IaC security and policy-as-code (e.g. Terraform, OPA).
- Familiarity with standards/guidelines such as CERT or MISRA where relevant.
- Prior experience leading a quality/compliance or V&V function.
Typical Tooling (illustrative)
- Versioning/CI: GitHub/GitLab, CI runners
- Code Quality: CodeQL, Semgrep, SonarQube
- App Sec: OWASP ZAP/Burp, Snyk/Dependabot, Trivy/Grype
- Testing: pytest, Jest, Playwright/Cypress
- Governance: SBOM (CycloneDX/SPDX), artefact signing (e.g. cosign), reporting dashboards
Benefits
- Collaborative, supportive team culture where cross-functional work is the norm and everyone contributes to problem-solving.
- Fast-paced, innovation-driven culture that values creativity, problem-solving and technical mastery.
- Flexible PTO and comprehensive benefits that support work-life balance.