AppSec Jobs
← Back to all jobs

Cloudera

Staff Security Engineer

Utah, United StatesWebsite

Full details on LinkedIn

The complete job description, requirements, and application details are available on the original posting.

About Cloudera

Hortonworks, now part of Cloudera, is a global enterprise software company that specializes in data and AI solutions. The company focuses on helping organizations manage, analyze, and derive insights from data across various environments, including cloud, data centers, and edge locations. Their unified platform is designed to facilitate digital transformation by providing AI-ready data and enabling real-time insights. The Hortonworks platform is built on Apache Iceberg and features a hybrid approach that encompasses three main pillars: Cloud Anywhere, Data Anywhere, and AI Everywhere. This allows organizations to maintain control over their data while leveraging a low-code/no-code interface for collaborative AI development. Hortonworks offers industry-specific solutions across sectors such as manufacturing, healthcare, financial services, and public safety, addressing needs like predictive maintenance, real-time analytics, and patient care improvement. The company also provides comprehensive support and training services to enhance user experience and maximize platform capabilities. With a strong focus on security and compliance, Hortonworks ensures a secure environment for its clients, holding multiple government certifications.

Industry

information technology & services

Employees

130

62 engineers

Revenue

$366M

Website

Visit →

Security at Cloudera

Compiled from public job postings, careers pages, and company materials. Data may not reflect current state — verify during interviews.

3 Intel Signals

Security Philosophy

  • Cloudera's Application Security philosophy centers on the 'Shift Left' principle, emphasizing the automation of security controls and the enablement of developers through self-service tooling.
  • The stated goal is to shift security left by designing, developing, and deploying self-service security tools and services that embed into developer workflows.
  • The company follows a risk-based approach where risk analysis is performed across the software development lifecycle.

Security Team

  • Cloudera's Product Security team is integrated into the Engineering business area.
  • The security organization is led by CISO Eddie Garcia.
  • Key personnel include a Sr. Staff Technical Program Manager for Product Security, indicating a structured approach to program management within the security domain.
  • The team currently has 2 active AppSec job postings focusing on staff-level security engineers with expertise in CI/CD pipeline security and self-service security tooling.

Key Initiatives

  • Cloudera's active initiatives focus on integrating security into the CI/CD pipeline and enhancing application-level security controls.
  • Key initiatives include: (1) Automating and integrating security controls into CI/CD pipelines, (2) Implementing SAST analysis for all software components, (3) Conducting automated DAST scanning on every release, (4) Consolidating security tool outputs through ASPM platforms for context-rich vulnerability management, and (5) Enforcing authentication controls and preventing public application exposure through secure SDLC practices.

Preparing for an AppSec interview?

Get the weekly briefing 2,000+ security pros trust.