Business Area:

Seniority Level:

Job Description:

At Cloudera, we empower people to transform complex data into clear and actionable insights. With as much data under management as the hyperscalers, we're the preferred data partner for the top companies in almost every industry. Powered by the relentless innovation of the open source community, Cloudera advances digital transformation for the world’s largest enterprises.

We are seeking a highly skilled and motivated Staff Full Stack Engineer (contract position) to join our Product Security team, focusing on the development and enhancement of Heimdall, our internal vulnerability metrics and dashboard capability. This role demands an engineer with end-to-end full lifecycle development experience, adept at translating requirements, UI mockups, and specifications into a robust, reliable product that our internal stakeholders can trust for critical security insights.

As a Staff Full Stack Engineer you will…

• Learn and Adapt

  • Get familiarized with Cloudera’s products and services end-to-end and gain a full appreciation for the product and development lifecycle.

  • Understand our open source and proprietary ecosystem, and identify areas for improvement in terms of current CVE remediation efforts.

• Design and Development:

  • Identify tooling and frameworks for improving developer productivity - AI/ML Tools that can expedite in remediating CVE fixes

  • Design and develop POCs to enterprise-class solutions to enable the delivery of high-quality remediation across the entire customer-facing Cloudera stack.

• Process:

  • Work alongside the product security team to evaluate and enhance existing security tools (SCA, SAST, DAST, etc.) and explore new technologies to improve vulnerability detection and remediation speed/accuracy.

  • Integrate enhanced security scanning into CI/CD pipelines.

  • Contribute to the development of a proactive dependency management strategy.

  • Participate in defining and enforcing clear CVE SLAs and accountability.

• Collaboration & Communication:

  • Work closely with cross-functional teams including Product Security, Engineering Component Teams, QE, Release Engineering, and Customer Support.

  • Contribute to regular reporting on CVE debt reduction, SLA adherence, and other key metrics.

  • Actively participate in daily stand-ups and other team meetings.

We’re excited about you if you have:

• Bachelor's or Master's degree in Computer Science, Software Engineering, or a related field.

• 5-7 years of experience as a Software Engineer, with a strong focus on security and vulnerability remediation as a big plus.

• Strong proficiency in at least two of the following programming languages: Python, Go, TypeScript, React JS.

• Proficiency with vulnerability management CVE tooling such as Aquasec, Triaging, and JIRA ticketing.

• Hands-on experience with tools like Docker, Maven, SonarQube, Harness, Jenkins, and GitHub Actions.

• Experience with relational databases (e.g., Postgres/RDS).

• Familiarity with cloud essentials, particularly Kubernetes and AWS.

• Experience contributing to open-source projects is a plus.

• Excellent problem-solving skills, with the ability to diagnose and resolve complex security issues in large-scale software systems.

• Strong communication and collaboration skills, with the ability to work effectively in a cross-functional team environment.

• Experience with large-scale software development and testing.

EEO/VEVRAA

#LI-SZ1

#LI-REMOTE