Staff Engineer, Software

thermofisher

Hyderabad 8 Years Exp Posted 2d ago

Job Description

  • Design, implement, and maintain secure CI/CD pipelines using Jenkins and GitLab, ensuring integration of security controls throughout the software delivery lifecycle 

  • Implement and manage automated SBOM generation (CycloneDX, SPDX) within CI/CD pipelines, ensuring accuracy and completeness of metadata 

  • Integrate SBOM data with vulnerability management platforms (e.g., Dependency-Track) to enable continuous monitoring of third-party risks 

  • Support compliance with cybersecurity regulations and standards (including Executive Order 14028), translating requirements into enforceable technical controls and preparation for EU CRA. 

  • Implement and manage vulnerability tracking and remediation workflows using tools such as DefectDojo 

  • Establish and enforce software supply chain security practices, including governance of third-party and open-source components 

  • Manage and maintain artifact repositories, ensuring proper classification of internal vs. external packages and secure usage of package sources (NuGet, Conan, Sky) 

  • Implement and enforce software license compliance, including automated license scanning and validation using SPDX identifiers 

  • Design and maintain secure, isolated, or controlled build environments to ensure integrity of the software build process 

  • Integrate static code analysis and security scanning tools (e.g.,SonarQube, TICS and CodeQL) into CI/CD pipelines 

  • Develop and maintain automation scripts (Python, PowerShell) to support security processes and pipeline efficiency 

  • Secure containerized environments (Docker, Kubernetes), including image hardening, access control (RBAC), and vulnerability scanning 

  • Collaborate with infrastructure teams to ensure VMware environments are hardened and aligned with security best practices 

  • Apply Secure Software Development Lifecycle (SSDLC) practices across development teams, embedding security early in the process 

  • Define, implement, and enforce security policies, standards, and compliance controls across development and DevOps workflows 

  • Collaborate closely with development, QA, and DevOps teams to remediate vulnerabilities and improve secure coding practices 

  • Support audit and compliance activities by maintaining documentation, traceability, and evidence in tools such as Confluence 

  • Proven experience in supporting teams performing OWASP threat modeling 

  • Participate in Agile processes using Jira, contributing to sprint planning, backlog refinement, and continuous improvement initiatives 

  • Work within Scrum, Kanban, and scaled Agile (ART) environments, collaborating with cross-ART teams to align on shared security practices 

  • Perform risk assessments and proactively identify security gaps, proposing and implementing mitigation strategies 

  • Continuously improve DevSecOps tooling, processes, and practices to enhance security posture without impacting delivery speed 

 

Requirements: 

 

The ideal candidate combines strong DevOps expertise with deep knowledge of application security, 

software supply chain security, and regulatory compliance, and thrives in complex, highly regulated environments. 

  • University degree in Computer Science, Cybersecurity, Software Engineering, or a related technical discipline 

  • 8+ years of Strong experience designing, implementing, and maintaining secure CI/CD pipelines using Jenkins and GitLab 

  • Mandatory hands-on experience implementing Software Bill of Materials (SBOM) generation within CI/CD pipelines (CycloneDX, SPDX formats), including metadata collection and validation 

  • Experience integrating SBOMs with vulnerability management platforms such as Dependency-Track or equivalent tools 

  • H

Similar Openings for You