Principal Software Development Engineer

About The Position

Requirements

• 9+ Years of Experience building custom GRC (Governance, Risk, and Compliance) platforms.
• Demonstrable proficiency in Python, Go, or Java with a strong background in version control (Git), API design, and the ability to build complex PoCs for risk models.
• Proven mastery of the end-to-end SDLC, including the creation and oversight of comprehensive SRS documentation, Project Plans, and Product Backlogs to ensure architectural alignment from initial planning through to deployment and maintenance.
• Validated expert ability to define System Architectures, Data Models (ERDs), and API specifications while enforcing rigorous QA standards through formalized Test Plans, automated Build Scripts, and Production Operations manuals.
• Experience leading the technical roadmap for software engineering teams or data scientists without direct reporting authority (e.g., Lead, Principal, or Staff level experience).
• Verifiable proficiency in data pipeline logic, ELT/ETL processes, and data quality assurance, specifically as they apply to automating security telemetry.
• Mastery of Cybersecurity Risk: A proven track record of designing and implementing Enterprise and Third-Party Risk Management (TPRM) programs at scale.
• Architectural Design: Demonstrated ability to take a blank slate and define complex security processes, translating them into technical user stories, functional specifications, and logic diagrams.
• Advanced Risk Modeling: Expertise in quantitative risk analysis (e.g., Monte Carlo simulations or FAIR methodology) and how to programmatically apply these models to software.

Responsibilities

• Serve as the primary visionary for how our risk data is structured, analyzed, and automated, acting as the bridge between the Cybersecurity Risk organization and our Engineering teams.
• Architect high-level business and security "end-states" into sophisticated process designs and technical specifications.
• Own the translation of risk philosophy into the logic used by our engineering squads.
• Serve as the definitive Subject Matter Expert (SME) for defining risk metrics and calculation methodologies, specifically within Enterprise Risk (ERM) and Third-Party Risk (TPRM).
• Design and implement data-driven risk frameworks (e.g., NIST, FAIR) through sophisticated automation.
• Architect systems for automated due diligence, continuous monitoring, and assessment scoring for our vendor ecosystem.
• Champion security risk automation across the organization, mentoring junior engineers and influencing stakeholders on best practices for data-driven risk modeling.
• Design and implement Enterprise and Third-Party Risk Management (TPRM) programs at scale.
• Define complex security processes, translating them into technical user stories, functional specifications, and logic diagrams.
• Apply quantitative risk analysis (e.g., Monte Carlo simulations or FAIR methodology) to software.

Benefits

• Workday Bonus Plan
• Annual refresh stock grants
• Comprehensive benefits