SDLC Security Engineer, Product Security

Job description

We are seeking a highly experienced and technically proficient SDLC Architect to join our Product Security team. This critical role is centered on designing, defining requirements for, and leading the implementation of a world-class Software Development Lifecycle (SDLC) process with a paramount focus on security. Our objective is to embed security seamlessly and efficiently into every phase of development, from initial concept to deployment and beyond. The primary focus of this position is to work with our Secure SDLC. This involves a deep partnership with engineering, product management, and operations teams to ensure that security is a consistent and non-negotiable requirement throughout the product development pipeline.

What You’ll Do:

• SDLC Design and Optimization: Design, document, and champion an end-to-end Secure SDLC that aligns with industry best practices, regulatory requirements, and the specific needs of our product portfolio.
• Security Automation and Tooling: Identify, evaluate, and integrate security tools and controls (e.g., SAST, DAST, SCA, IAST, secret scanning) directly into the CI/CD pipelines to automate security gates and checks.
• Balancing Security and Velocity: The core goal is to build an SDLC that expertly maximizes developer productivity and agility while simultaneously ensuring that all security requirements placed upon our products—including data protection, compliance, and threat mitigation—are consistently met and verifiable.
This is an excerpt. Read the full job description on Recorded Future careers →