Software Dev Principal Engineer – Security

Job Description

Overview

Job Title: Principal Engineer Security & Cloud Engineering (Product & SC)

Location: Hybrid

Experience: 10+ years

Employment Type: Full-time

We are looking for a Principal Engineer to lead Security and Cloud Engineering efforts for our enterprise Java product with both On-Prem and SaaS deployments. This is a hands-on leadership role driving secure SDLC practices, DevSecOps automation, container security, and platform hardening. You will work closely with engineering, DevOps, QA, and compliance teams to protect the product and infrastructure from vulnerabilities and ensure compliance.

Responsibilities

- Application & Infrastructure Security
- Lead secure coding practices and integrate SAST, DAST, Penetration Testing, and vulnerability scanning into the development lifecycle.
- Analyze and remediate findings from tools like SpotBugs, Polaris Synopsys, Acunetix, and custom security assessments.
- Threat Modeling & Risk Mitigation
- Perform threat modeling, assess security risks including SQL injection, XSS, CSRF, and privilege escalation.
- Guide teams on secure implementation patterns and anti-patterns.
- Cloud & Container Security
- Harden Docker, Kubernetes, and SaaS infrastructure for multi-tenant, secure-by-design deployments.
- Implement policies for image scanning, secrets management, network segmentation, and runtime security.
- Security Automation & DevSecOps
- Automate security checks in CI/CD pipelines using tools like GitLab CI, Jenkins, SonarQube, etc.
- Promote Infrastructure as Code (IaC) security and integrate tools for Terraform/Helm validations.
- Governance & Compliance
- Define and enforce security standards aligned with OWASP, CIS Benchmarks, and industry best practices.
- Maintain documentation and assist with security audits and compliance requirements.
- Mentoring & Collaboration
- Mentor engineers on secure design, coding, and deployment practices.
- Collaborate with product owners and engineering managers to drive secure feature development.

Qualifications

Required Qualifications

- 12+ years of experience in application security, DevSecOps, or cloud security within enterprise Java environments.
- Strong knowledge of penetration testing, static/dynamic analysis, and tools like SpotBugs, Polaris, Acunetix, OWASP ZAP, etc.
- Expertise in secure coding, vulnerability assessment, and remediating common issues like SQL injection, XSS, and insecure deserialization.
- Hands-on experience with Docker, Kubernetes, Helm, and cloud-native security tooling.
- Familiarity with SaaS security concerns: multi-tenancy, access isolation, data encryption, and secure APIs.
- Experience integrating security into CI/CD pipelines and using GitOps principles.

Preferred Qualifications

- Certifications such as OSCP, CEH, CISSP, or CKS (Certified Kubernetes Security Specialist).
- Prior experience with security automation, policy-as-code, or container scanning platforms (e.g., Trivy, Aqua, Prisma).
- Knowledge of threat modeling frameworks (e.g., STRIDE) and secure architecture principles.
- Exposure to Gen AI tools for secure code analysis, vulnerability triaging, or automated documentation.

What We Offer

- Opportunity to influence product direction and architecture.
- A collaborative and learning-focused environment.
- Access to modern tools and Gen AI platforms.
- Competitive salary and performance bonus
- Health insurance
- Hybrid work model

Company Overview

Quest Software builds the foundation for enterprise AI with solutions in data governance, cybersecurity, and platform modernization. More than 45,000 companies including 90% of the Fortune 500 trust Quest to solve their most critical IT challenges. From securing identities and modernizing platforms to preparing data for AI, we help enterprises unlock their full potential.

Why Quest

At Quest, Your Work Makes An Impact. Youll Help Organizations Get AI-ready While Building Your Career With a Global Team Of Innovators. We Offer

- Competitive pay, annual bonuses, and top-performer recognition.
- Comprehensive health, family, and retirement benefits.
- Flexible work options, generous PTO, and wellness programs.
- Professional growth through learning platforms, mentorship, and leadership programs.
- Inclusive teams that reflect the world we serve, supported by Employee Resource Groups and our Equality & Inclusion Council.

Quest is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable laws, regulations and ordinances.

Come join us. For more information, visit us on the web at Quest Careers | Where next meets now. Join Quest.

Job seekers should be aware of fraudulent job offers from online scammers and only apply to roles listed on quest.com/careers using our applicant system. Note: We do not use text messaging or third-party messaging apps like Telegram to communicate with applicants, so please exercise caution if you are approached in this way and only interact with people claiming to be Quest employees if they have an email address ending in @quest.com or @oneidentity.com

---