Black Duck Software, Inc.

Senior Cloud Security Engineer

Black Duck Software, Inc. · Belfast, Northern Ireland, United Kingdom

Software Development · 5,001-10,000 employees

4 h ago
Senior (5-10 yrs) Full-time United Kingdom
Log in to apply, save this posting, or score it against your profile with AI.

About the role

Design and operate security controls for SaaS platforms across AWS and GCP while driving remediation with engineering partners. Lead cloud security projects, automate security workflows, and serve as a technical SME to improve organizational security posture.

What they look for

Cloud Security AWS GCP Kubernetes Python Bash Terraform CSPM CNAPP DevSecOps Infrastructure as Code Vulnerability Management SOC 2 ISO 27001 Threat Modeling CI/CD

Requirements

Requires 5-7+ years of information security experience with at least 3 years focused on securing cloud environments at scale. Must be proficient in Python/Bash, infrastructure as code, and containerized platforms like Kubernetes.

Full description

Black Duck Software, Inc. helps organizations build secure, high-quality software, minimizing risks while maximizing speed and productivity. Black Duck, a recognized pioneer in application security, provides SAST, SCA, and DAST solutions that enable teams to quickly find and fix vulnerabilities and defects in proprietary code, open source components, and application behavior. With a combination of industry-leading tools, services, and expertise, only Black Duck helps organizations maximize security and quality in DevSecOps and throughout the software development life cycle.

The Senior Cloud Security Engineer is a key technical contributor and emerging leader within Black Duck’s Security Operations team, responsible for securing cloud-based SaaS platforms and infrastructure at scale. Operating with broad autonomy, you design and operate security controls, drive remediation with engineering partners, and shape cloud security standards across the organization. The role combines specialized cloud security expertise across posture management, detection and response, and DevSecOps with increasing technical leadership: driving cross-functional initiatives, coaching peers, and translating technical expertise into systematic, organization-wide improvements.

Essential Functions/Responsibilities

  • Act as Cloud Security Subject Matter Expert (SME); develop and maintain cloud security standards, policies, procedures, and best-practice documentation defining Black Duck’s cloud security baseline.
  • Design, build, and operate security controls for SaaS services running on AWS, GCP, and other cloud environments.
  • Continuously monitor cloud resources and configurations to identify security risks; triage findings and drive remediation with resource owners.
  • Identify threats through vulnerability assessments, penetration testing support, and log analysis; ensure security controls meet compliance requirements including SOC 2 and ISO 27001.
  • Automate cloud security controls, data collection, and workflows using Python, Bash, cloud APIs, and infrastructure as code to improve operational efficiency and scale coverage.
  • Operate and enhance the cloud security tooling ecosystem, including logging, monitoring, CSPM/CNAPP, vulnerability management, and detection platforms.
  • Integrate security controls into CI/CD pipelines and engineering delivery workflows, advancing DevSecOps practices across the organization.
  • Lead containment, forensic analysis, and remediation for cloud security incidents in partnership with CSIRT and engineering teams.
  • Lead cloud security projects and major components of complex, cross-functional initiatives; influence cloud security architecture and strategy decisions across engineering, platform, and IT organizations.
  • Design and improve cloud security processes and operational procedures to systematically reduce risk and increase organizational efficiency.
  • Communicate cloud security risks, findings, and recommendations to Director- and VP-level stakeholders.
  • Serve as a technical leader and coach for less experienced engineers; lead and participate in security reviews, threat modeling sessions, and architecture discussions.
  • Negotiate and build consensus across engineering, platform, IT, and vendor partners; explain difficult or sensitive security information clearly to technical and non-technical audiences, including executives.
  • Other tasks and activities as assigned.

Required Education/Experience & Skills

  • 5–7+ years of experience in information security with demonstrated depth in cloud security; minimum 3 years of hands-on experience securing cloud environments (AWS, GCP, Azure, or equivalent) at scale.
  • Bachelor’s degree in Information Security, Computer Science, or a related field, or equivalent practical experience.
  • Specialized knowledge of cloud security principles, architectures, and controls with depth in at least one major cloud provider.
  • Hands-on experience with containerized and Kubernetes-based platforms; experience with cloud security monitoring, logging, and CSPM/CNAPP tools; demonstrated ability to design, implement, and operate security controls at scale.
  • Strong experience with Python and/or Bash scripting for security automation, tooling, and integration; proficiency with infrastructure as code technologies such as Terraform, CloudFormation, or Helm.
  • Proven ability to lead projects and coordinate cross-functional teams; track record of designing process improvements and systematic changes that improve team or organizational outcomes.

Black Duck is an equal opportunity employer. We consider all applicants for employment without regard to race, color, national origin, religion, sex, gender identity or expression, age, disability, sexual orientation, veteran or military service status, or any other characteristic protected by applicable law. Black Duck complies with all applicable laws prohibiting employment discrimination in every jurisdiction where it operates and provides reasonable accommodations to individuals with disabilities in accordance with applicable law.