Bloomberg is fast becoming an "Open Source first" company, meaning its reliance on Open Source software is ever-increasing. From the core infrastructure in our data centers, to the enterprise products we ship to clients - Open Source software is firmly ingrained within our technology and culture.
You will be responsible for securing Bloomberg's software supply chain at scale, preventing vulnerable or malicious software from being consumed. You will work with stakeholders to design, implement and support these systems. You will need to use a variety of techniques, including automated scanning tools and promotion processes to manage the flow of software.
We'll trust you to:
Design and build systems that secure and provide visibility into Bloomberg's software supply chain
Work with upstream packaging ecosystems to implement secure designs and practices
Enable Engineering teams to safely and confidently consume Open Source Software
Help improve productivity for over 6000 developers by creating solutions that integrate with their day-to-day tooling and workflows
Build and integrate with systems for protecting Bloomberg and its customers from vulnerabilities and malicious code in Open Source Software
You'll need to have:
Knowledge of all parts of the SDLC
A drive to partner and collaborate with stakeholders and team members alike
Ability to engage a technical client base of engineers, communicate security requirements and potential risks, and influence development practices
Working knowledge of Linux environments
Experience designing and implementing software in one or more languages
An understanding of current and emerging threat vectors in the software supply chain attack space
We'd love to see:
Experience with security practices and taking a shift-left approach
Familiarity with Open Source communities and engagement
A working understanding of multiple language ecosystems
A background in DevOps, software infrastructure or similar discipline
Knowledge of Software Composition Analysis tooling and processes
An understanding of Software Supply Chain Security principles and standards (such as SLSA)
At Bloomberg we are extremely proud of our diverse, open, and inclusive culture. We value diversity of thought and perspective in every form. We're looking for engineers with a real passion for writing reusable, efficient solutions to complex problems, who can adapt to an ever-changing market landscape, and who can collaborate and work effectively on small teams to develop software that impacts thousands of financial institutions and decision makers around the world.
If this sounds like you, please apply! Bloomberg is an equal opportunity employer and we value diversity at our company. We do not discriminate on the basis of age, ancestry, color, gender identity or expression, genetic predisposition or carrier status, marital status, national or ethnic origin, race, religion or belief, sex, sexual orientation, sexual and other reproductive health decisions, parental or caring status, physical or mental disability, pregnancy or maternity/parental leave, protected veteran status, status as a victim of domestic violence, or any other classification protected by applicable law.
Bloomberg is a disability inclusive employer. Please let us know if you require any reasonable adjustments to be made for the recruitment process. If you would prefer to discuss this confidentially, please email email@example.com