Senior Engineer, Platform Engineering (Security)
Locations: San Diego, CA, United States
Time Type: Full time
Posted on: Posted 3 Days Ago
Job Requisition ID: JR_034964
The Digital Health Technology team powers digital experiences and engagement to enhance the lives of millions of people every day through connected care. We build, deliver, and manage a portfolio of data management platforms and mobile offerings in support of our core businesses. We thrive on simple and elegant architecture and agility. You’ll be immersed in a dynamic high-growth environment and empowered to excel, take informed risks, and drive ingenuity across the enterprise.
Let’s talk about the team
Our vision is to create a high performing unified development platform (DevX) across ResMed that is a joy to use, simplifies and accelerates development while allowing us to attract and retain world-class talent. We strive to standardize and simplify how we build, package, deploy, and monitor software across ResMed.
Let’s talk about the role
- You have a security-first mentality within the context of software development with a deep empathy for the challenges of modern software development.
- You have a demonstrated track record of full-lifecycle product development from inception to happy customers.
- You are comfortable presenting your ideas to all levels of management including technical and non-technical audiences.
- You proactively identify and address vulnerabilities in platform services to preempt security gaps.
- You drive security roadmaps and migration plans to achieve strategic goals and achieve consensus with other ResMed teams.
- You guide the organization in secure development practices, fostering a culture of security awareness and excellence.
- You craft standardized, reusable security measures that enhance our platform's resilience.
- You implement scalable monitoring and automation for swift incident response, ensuring robust security oversight.
- You work closely with development teams across ResMed, empowering your colleagues with the knowledge and tools for secure coding practices, significantly elevating the security posture of all ResMed solutions.
Let’s talk about you
- BS/MS in Computer Science or equivalent experience with specialization in security. Cloud security certifications, preferably AWS Certified Security - Specialty.
- At least 5-8 years of experience in developing secure infrastructure and software solutions, with a proven track record in threat modeling, risk assessment, and end-to-end security project work with aspiration for technical architecture leadership career path.
- Extensive knowledge of at least one programming language (Java, Go, Python, TypeScript), with a strong emphasis on secure coding practices, familiarity with SCA tools, and experience in implementing SDLC processes.
- Strongly held test practices regardless of language or tools.
- Record of delivering documentation alongside code using frameworks such as Markdown.
- Deep knowledge of source control, branching & release strategies, pull requests, and automated quality gates using tools such as GitHub.
- 5+ years of experience in public cloud (AWS) in securing services and cloud-native technologies including Kubernetes, Docker, serverless, etc.
- Advanced CI/CD automation skills, with expertise in deploying applications and infrastructure using scripting languages, IaC, package and artifact management, and integrating DAST and SAST tools within CI/CD pipelines.
- Demonstrable expertise in SIEM and SOAR tools, with practical experience in configuring, tuning, and developing custom integration and automation scripts.
- Applied knowledge of cryptography, focusing on practical encryption methods, secure key management, and understanding the basics of how to protect information against current threats.
- Strong understanding of API design, especially RESTful, with experience in securing APIs using gateways, service meshes, and implementing secure authentication and authorization mechanisms, including JWT.
- Comprehensive knowledge of network security practices, including micro segmentation, SDN security, and IDS/IPS, alongside basic firewalls and advanced WAF, with familiarity with ZTNA concepts.
- Well-versed in security standards and frameworks such as OWASP ASVS, CVEs, SOC2, FIPS, NIST, FedRAMP, HIPAA, etc., with experience implementing security controls and compliance in a DevSecOps culture.
- Advanced understanding of package management tools such as JFrog Artifactory and have working experience with securing package delivery process.
We are shaping the future at ResMed, and we recognize the need to build on and broaden our existing skills and continue to attract and retain the world’s best talent. We work hard to offer holistic benefits packages, provide flexible work arrangements, cultivate a workforce culture that allows employees to grow personally and professionally, and deliver competitive salaries to our team members.
This role is eligible to receive an annual cash bonus payment based on company, business unit, and/or individual performance.
Base Pay Range for this position: $134,000 - $202,000.
Joining us is more than saying “yes” to making the world a healthier place. It’s discovering a career that’s challenging, supportive, and inspiring. Where a culture driven by excellence helps you not only meet your goals but also create new ones. If this sounds like the workplace for you, apply now!
ResMed Corporation is an equal opportunity employer and provides equal opportunity in employment for all qualified persons, without regard to sex, gender identity, sexual orientation, race, color, religion, national origin, disability, protected Veteran status, age, or any other characteristic protected by law.
#J-18808-Ljbffr