SDLC Security Engineer, Product Security

With 1,000+ intelligence professionals serving over 1,900 clients worldwide, Recorded Future is the world’s most advanced, and largest, intelligence company!

We are seeking a highly experienced and technically proficient SDLC Architect to join our Product Security team. This critical role is centered on designing, defining requirements for, and leading the implementation of a world-class Software Development Lifecycle (SDLC) process with a paramount focus on security. Our objective is to embed security seamlessly and efficiently into every phase of development, from initial concept to deployment and beyond. The primary focus of this position is to work with our Secure SDLC. This involves a deep partnership with engineering, product management, and operations teams to ensure that security is a consistent and non-negotiable requirement throughout the product development pipeline.

 

• SDLC Design and Optimization: Design, document, and champion an end-to-end Secure SDLC that aligns with industry best practices, regulatory requirements, and the specific needs of our product portfolio.
• Security Automation and Tooling: Identify, evaluate, and integrate security tools and controls (e.g., SAST, DAST, SCA, IAST, secret scanning) directly into the CI/CD pipelines to automate security gates and checks.
• Balancing Security and Velocity: The core goal is to build an SDLC that expertly maximizes developer productivity and agility while simultaneously ensuring that all security requirements placed upon our products—including data protection, compliance, and threat mitigation—are consistently met and verifiable.
• Requirement Definition: Translate high-level security policies and risk management objectives into clear, actionable, and testable technical requirements for development teams.
• Developer Enablement: Develop and deliver training, guidelines, and documentation to empower developers to write secure code from the outset, adopting a 'Security as Code' mindset.
• Collaboration and Reporting: This role requires close collaboration with all engineering disciplines and involves participation in the Platform Security team's daily operations, including incident response and threat modeling as needed.
• Reporting Structure: This vital role reports directly to the Director of Platform Security, who is based in our Gothenburg office.

 

• 3+ years of relevant professional experience
• Proven background in software development, specifically in designing and implementing robust SDLC processes and CI/CD pipelines
• Solid expertise in computer security principles
• A strong ability to assess risks and make informed decisions
• A keen interest in finding and balancing security needs with developer productivity
• Excellent communication skills and the ability to effectively build relationships across different teams

 

Why should you join Recorded Future?
Recorded Future employees (or “Futurists”), represent over 40 nationalities and embody our core values of having high standards, practicing inclusion, and acting ethically. Our dedication to empowering clients with intelligence to disrupt adversaries has earned us a 4.6-star user rating on G2 and more than 50% of Fortune 100 companies as customers.

Want more info? 
Blog & Podcast: Learn everything you want to know (and maybe some things you’d rather not know) about the world of cyber threat intelligence
Linkedin, Instagram & Twitter: What’s happening at Recorded Future
The Record: The Record is a cybersecurity news publication that explores the untold stories in this rapidly changing field
Timeline: History of Recorded Future
Recognition: Check out our awards and announcements

We are committed to maintaining an environment that attracts and retains talent from a diverse range of experiences, backgrounds and lifestyles.  By ensuring all feel included and respected for being unique and bringing their whole selves to work, Recorded Future is made a better place every day.
If you need any accommodation or special assistance to navigate our website or to complete your application, please send an e-mail with your request to our recruiting team at careers@recordedfuture.com 

Recorded Future is an equal opportunity and affirmative action employer and we encourage candidates from all backgrounds to apply. Recorded Future does not discriminate based on race, religion, color, national origin, gender including pregnancy, sexual orientation, gender identity, age, marital status, veteran status, disability or any other characteristic protected by law.
Recorded Future will not discharge, discipline or in any other manner discriminate against any employee or applicant for employment because such employee or applicant has inquired about, discussed, or disclosed the compensation of the employee or applicant or another employee or applicant.

Recorded Future does not administer a lie detector test as a condition of employment or continued employment. This is in compliance with the law of the Commonwealth of Massachusetts, and in alignment with our hiring practices across all jurisdictions.

Recorded Future maintains a drug-free workplace.

Note: Our interview process for all final-round candidates requires a mandatory in-person interview or a live, scheduled video conference with the hiring manager. We do not conduct interviews via instant messaging or text. All communications during the application process will come from individuals within our HR department via their Recorded Future email address.

Notice to Agency and Search Firm Representatives: Recorded Future will not accept unsolicited resumes from any source other than directly from a candidate. Any unsolicited resumes sent to Recorded Future, including those sent to our employees or through our website, will become the property of Recorded Future. Recorded Future will not be liable for any fees related to unsolicited resumes.

Agencies must have a valid written agreement in place with Recorded Future's recruitment team and must receive written authorization before submitting resumes. Submissions made without such agreements and authorization will not be accepted and no fees will be paid.