Software Engineer, Information Security

Walmart•Dallas, TX

9d•Onsite

About The Position

Join Walmart/VIZIO and take your career to the next level! We are VIZIO, part of Walmart, a leading smart TV platform. Our Information Security team works with open-source software to provide innovative, cutting-edge, and secure solutions. Our team owns open-source license compliance, security automation, and vulnerability management across our embedded software platforms. We are a dynamic group that uses cutting-edge tools to automate audits, produce Software Bill of Materials (SBOMs), and ensure our products meet the highest security standards. We value problem-solving, autonomy, and collaboration, and believe in empowering our team members to architect solutions and drive compliance in a fast-moving environment. As a Staff, Software Engineer, Information Security at Walmart, you will oversee the security and compliance of open-source integrations that drive our business forward. Join us and leverage your skills to make a significant difference in our fast-paced and dynamic environment. We’re focused on learning, doing something new and valuable, and encouraging our team to do the same. We are looking for a highly competent Staff-level Software Engineer with deep expertise in embedded C/C++ development and a strong focus on information security. If you have a proven track record of transitioning from embedded engineering into DevSecOps, AppSec, or Compliance roles, we would like to hear from you. A successful candidate will contribute domain expertise and make high-impact individual contributions related to open-source compliance and automated security gates. This position is an Individual Contributor role. We pride ourselves on being a collaborative team here at VIZIO and to accomplish this, we are in the office 5 days a week in our Dallas, TX office. Are you ready to lead and innovate at one of the world's largest retail giants? About the Technology Team: Our Technology Team is at the forefront of driving Walmart's digital transformation. We are dedicated to developing innovative solutions that enhance customer experience and streamline our operations.

Requirements

8+ years in embedded software development (Linux kernel, device/firmware) with 2+ years in a security-focused role (DevSecOps/AppSec/Compliance).
BS or MS in Computer Science, Computer Engineering, Electrical Engineering, or a related field.
Strong in C and C++, with proficiency in Python or JavaScript for automation and tooling.
Deep, practical familiarity with open-source licenses (GPL/LGPL/MPL/Apache) and SBOM tooling (SPDX/CycloneDX).
Hands-on experience with modern CI/CD practices, CMake, cross-compilers, and artifact governance.
Skilled at interpreting and acting upon SAST/DAST/IAST security scan results.

Nice To Haves

Security certifications like CISSP/CSSLP are a plus.

Responsibilities

Lead open-source compliance & security: Evaluate proposed libraries (GPL/MPL/MIT/Apache), document obligations, and guide compliant implementation across embedded platforms.
Drive vulnerability management: Integrate and triage results from SAST/DAST/SCA scanners (CodeQL, SonarQube) and oversee remediation across firmware and supporting services.
Automate DevSecOps pipelines: Design and enforce CI/CD security gates, automate audits, and produce software bill of materials (SBOMs) using GitHub/GitLab.
Govern build engineering & artifacts: Standardize reproducible builds (CMake, Clang/LLVM) and manage dependency health checks via JFrog Artifactory/Xray.
Conduct risk assessments: Identify threats, recommend mitigating controls, and champion security best practices through documentation and developer training.