Senior Software Engineer, Product 1225 jobs in United States
cer-icon
Apply on Employer Site
company-logo

nexus IT group · 1 month ago

Senior Software Engineer, Product 1225

positionBoulder, CO
timeFull-time
remoteOnsite
senioritySenior Level
date5+ years exp

Nexus IT Group is seeking a Senior Software Engineer focused on security to design and implement security-focused software within their development lifecycle. The role involves building automated security controls into CI/CD workflows and collaborating with various teams to enhance security practices and compliance initiatives.

ConsultingSoftware
check
Growth Opportunities

Responsibilities

Help integrate automated security checks into CI/CD pipelines (e.g., SAST/DAST/SCA scans, SBOM tooling, vulnerability scanning via GitHub Actions or ArgoCD)
Contribute to the upkeep and evolution of common libraries and infrastructure for authentication, authorization, logging, and other runtime security elements
Assist in implementing technical controls—such as encryption, secure configuration, and monitoring—to meet CMMC-Level-2-equivalent requirements across access control, identity, system protection, and security monitoring categories
Join architecture reviews, code audits, and threat modeling sessions to surface and resolve issues like API weaknesses or supply-chain risks
Participate in code reviews, pair programming, and tooling development, supporting secure engineering practices across the organization

Qualification

Security EngineeringCI/CD SecurityCloud Security (AWS)Container SecuritySecurity Tools TrivySecurity Tools SnykPythonThreat ModelingOpen-source ContributionsRelevant CertificationsCollaboration Skills

Required

5+ years in software or security engineering, with 3+ years dedicated to security-focused work. Background in securing cloud environments (preferably AWS), strengthening CI/CD pipelines, and supporting compliance frameworks (NIST, CMMC, FedRAMP, etc.)
Experience with container and orchestration security (Docker/Kubernetes), common security tools (e.g., Trivy, Snyk, Falco, OPA), and languages commonly used for security tooling (Python, Rust). Strong understanding of contemporary attack vectors and defense techniques
Familiarity with threat classes (e.g., injection, lateral movement), control frameworks (e.g., NIST 800-53), DevSecOps practices, SBOM usage, zero-trust concepts, and SIEM-backed logging pipelines
Ability to partner effectively with engineering, infrastructure, and compliance teams, and contribute thoughtfully to internal and external security discussions

Preferred

Exposure to AWS-native security services (e.g., GuardDuty, Security Hub, Config) and infrastructure-as-code tools like Terraform
Experience with security for embedded or specialized hardware/software systems
Contributions to open-source security initiatives
Relevant certifications (CSSLP, OSCP, GIAC or similar) backed by practical experience
Comfort working in small, fast-moving engineering teams and taking guidance from senior security mentors

Company

nexus IT group

twittertwittertwitter
company-logo
Nexusitgroup is a company used for recruitment, it allows people to find jobs.
dateFounded in 2010
location
Kansas City, Missouri, USA
people-size11-50 employees
web-link
http://www.nexusitgroup.com

Funding

Current Stage
Early Stage

Recent News

"2024년 국내 서버시장 매출 5조 원··· 72.7% 성장" 한국IDC | CIO
The 7 hottest jobs in IT
2025-06-04
Company data provided by crunchbase