Cognyte Principal Security Engineer 

Bulgaria, Sofia 

616298072

Today’s world is crime-riddled. Criminals are everywhere—virtual, invisible, and sophisticated. Traditional ways to prevent and investigate crime and terror are no longer enough.

Technology is advancing at lightning speed. Criminals know it—and they exploit it. So do we.

For nearly 30 years, the brilliant minds atCognyte

We’re now looking for an exceptionalPrincipal Security Engineerto drive the security of our cloud-native platform and DevOps processes.

As a
Principal Security Engineeryou’ll be the driving force behind securing our application and infrastructure layers, embedding security best practices across the SDLC and modern DevOps workflows.

You'll work closely with DevOps engineers, backend developers, and architects to secure our code, product, CI/CD pipelines, Kubernetes infrastructure, and identity systems. Your goal will be to make security a shared responsibility across the company.

As a Cognyter you will:

• Define and implement DevSecOps practices—integrating security into CI/CD pipelines using industry-leading tools (e.g., SAST, DAST, IaC scanners)
• Automate vulnerability scanning, secrets detection, and compliance checks in pipelines and container workflows
• Harden Kubernetes environments (RBAC, PSP, network policies, admission controllers), VMs, and cloud deployments
• Secure setups and identity flows with proper token strategies, MFA, and access controls
• Collaborate with development and architecture teams to perform risk analysis and threat modelling for critical systems and features
• Promote secure coding practices, conduct internal workshops, and elevate the security mindset across engineering

For that mission you'll need:

• 5+ years of experience in Security Architecture or DevSecOps roles
• Expertise in securing Java-based systems (Spring Boot) and modern CI/CD workflows (preferably Jenkins)
• Proven experience integrating tools like Trivy, Snyk, SonarQube, JFrog, or OWASP ZAP into pipelines
• Hands-on experience with Kubernetes, container security, Helm, GitOps tools.
• Proficiency in Terraform or Ansible for infrastructure-as-code and policy as code
• Strong knowledge of OWASP Top 10, secure design patterns, and code audit practices
• Familiarity with Keycloak or equivalent IAM tools and best practices around SSO and OAuth2/OIDC
• Languages: Bash, Python, Groovy, Helm, YAML
• Infra: Kubernetes, KVM, public cloud (AWS/GCP/Azure)
• Standards: CIS Benchmarks, NIST, ISO 27001, FEDRAMP is a significant plus
• A “secure-by-default” mindset combined with a pragmatic, collaborative approach
• An endlessly curious mind

Apply now.