Senior Software Engineer, Platform Security
Upload My Resume
Drop here or click to browse · PDF, DOCX, DOC, RTF, TXT
Requirements
• 5+ years of progressive software development experience, with at least 3 years focused on building security features or secure applications. • A BS or MS in Computer Science, Engineering, or a related field, or equivalent industry experience. • Expert-level proficiency in at least one major programming language such as Java, Kotlin, Go, or Python with a proven history of building scalable and secure applications. • Deep experience with cloud technologies (AWS, Azure, etc.), particularly in securing cloud-native applications. • Experience developing, documenting, and supporting secure REST APIs. • Strong understanding of common security vulnerabilities (e.g., OWASP Top 10) and mitigation techniques. • Experience with containerization and orchestration technologies (Kubernetes) in a secure development context. • Proficiency with modern security tools and practices, including static application security testing (SAST), dynamic application security testing (DAST), and software composition analysis (SCA). • A critical thinker with a proven ability to troubleshoot complex security-related problems in high-pressure production environments. • Excellent verbal and written communication skills and a collaborative spirit. This will include fluency in English. • 1 year professional experience leveraging AI-based workflows to author, maintain, review, deploy, and maintain code. • 1+ years building AI features that incorporate generative AI or agentic workflows to solve customer problems with measurable business impact. • Legally eligible to work in Bulgaria on an ongoing basis. • Fluency in English is required. • Advanced industry certifications such as CSSLP, OSCP, or cloud-specific security certifications. • Get to Know Us: • Get to Know Us: • At Smartsheet, your ideas are heard, your potential is supported, and your contributions have real impact. You’ll have the freedom to explore, push boundaries, and grow beyond your role. We welcome diverse perspectives and nontraditional paths—because we know that impact comes from individuals who care deeply and challenge thoughtfully. When you’re doing work that stretches you, excites you, and connects you to something bigger, that’s magic at work. Let’s build what’s next, together.
Responsibilities
• work remotely from Bulgaria. • Develop Secure Product Features: Design, build, and implement security features and functionalities directly into our SaaS product using modern programming languages (e.g., Java, Kotlin, Go, TypeScript, Python) and associated frameworks. • Develop Secure Product Features: • Build Scalable and Secure Services: Develop scalable back-end services and APIs with a security-first mindset, ensuring high availability and performance in our multi-cloud environment (primarily AWS). • Build Scalable and Secure Services: • Integrate Security into SDLC: Collaborate with product and engineering teams to embed security best practices throughout the entire software development lifecycle, from design to deployment. • Integrate Security into SDLC: • Automate Security Controls: Engineer and automate security controls, threat detection mechanisms, and vulnerability remediation processes within the application. • Automate Security Controls: • Conduct Code Reviews and Architectural Discussions: Participate actively in code reviews and architectural discussions, advocating for secure coding practices and robust security designs. • Conduct Code Reviews and Architectural Discussions: • Solve Challenging Security Problems: Tackle complex security challenges related to data protection, access control, authentication, authorization, and secure communication within a distributed system. • Solve Challenging Security Problems: • Create and maintain API integrations between internal and external systems. Implement and test API solutions to ensure they meet functionality, performance, and security standards. Monitor API performance and address any integration challenges or issues. • Create and maintain API integrations between internal and external systems. • Mentor and Lead: Serve as a subject matter expert in application security, mentoring junior engineers and fostering a culture of security ownership across development teams. • Mentor and Lead: • Strategically Apply AI Tools: Strategically apply and champion AI tools within your team's domain to improve project execution, system design, quality, and debugging, leading adoption of AI best practices and driving measurable productivity gains. • Strategically Apply AI Tools: • Assist with Security Incident Remediation: We manage a SOC on a global 24/7 basis. This role will assist in that effort during daytime working hours.