Software Supply Chain Security Engineer

Please Note:

1. If you are a first time user, please create your candidate login account before you apply for a job. (Click Sign In > Create Account)

2. If you already have a Candidate Account, please Sign-In before you apply.

Job Description:

We are seeking an experienced software engineer to join the VMware Cloud Foundation division’s SCOPE (security, compliance, open source, and privacy engineering) team, which is responsible for ensuring the security and compliance of the division’s products. The ideal candidate will have a strong background in software supply chain security, site reliability engineering, complex multi-platform build systems, cloud platforms, and some familiarity with business continuity processes. The successful candidate will work closely with the division’s build team, security architects, software engineers, and other stakeholders to design, implement, and maintain solutions that increase both the security and resilience of our software supply chain.

Responsibilities:

• Design, develop, and maintain systems which improve both the security and resilience of our build systems, artifact repositories, and development tool chain, including build resiliency and reproducibility solutions.

• Collaborate with build engineers, security architects, and software engineers from across the division to achieve our security and resiliency goals for our software supply chain.

• Ensure the security, reliability, and cost sensitivity of these systems.

• Develop and maintain automated testing and deployment scripts, using tools like Jenkins, GitLab CI/CD, or CircleCI.

Requirements:

• 12+ years of experience working with complex build environments and / or software supply chain security

• Strong understanding of cloud providers like AWS, GCP, or Azure

• Experience with multiple programming languages, including C/C++, Java, Golang, Python

• Experience with CI/CD tools, build systems, package management systems, and infrastructure-as-code tools.

• Experience with Linux operating system administration and development

• Experience building complex system test automation

• Familiarity with virtualization technologies

• Strong problem-solving skills and attention to detail

• Excellent communication and collaboration skills

Good to have:

• Bachelor's degree in Computer Science, Computer Engineering, or a related field

• Strong interest in software supply chain security and resilience, including familiarity with SLSA, s2c2f, SPDX, and VeX

• An understanding of the open source ecosystem, especially aspects related to software supply chain security

• Demonstrated experience designing and / or implementing resilient systems

• A background which includes software security engineering and / or infrastructure security engineering

Additional Job Description:

Compensation and Benefits

The annual base salary range for this position is $141,000 - $225,000.

This position is also eligible for a discretionary annual bonus in accordance with relevant plan documents, and equity in accordance with equity plan documents and equity award agreements.

Broadcom offers a competitive and comprehensive benefits package: Medical, dental and vision plans, 401(K) participation including company matching, Employee Stock Purchase Program (ESPP), Employee Assistance Program (EAP), company paid holidays, paid sick leave and vacation time. The company follows all applicable laws for Paid Family Leave and other leaves of absence.

Broadcom is proud to be an equal opportunity employer.  We will consider qualified applicants without regard to race, color, creed, religion, sex, sexual orientation, gender identity, national origin, citizenship, disability status, medical condition, pregnancy, protected veteran status or any other characteristic protected by federal, state, or local law.  We will also consider qualified applicants with arrest and conviction records consistent with local law.

If you are located outside USA, please be sure to fill out a home address as this will be used for future correspondence.