Bloomberg is fast becoming an ‘Open Source first’ company, meaning its reliance on Open Source software is ever-increasing. From the core infrastructure in our data centers, to the enterprise products we ship to clients - Open Source software is firmly ingrained within our technology and culture.

You will be responsible for securing Bloomberg’s software supply chain at scale, preventing vulnerable or malicious software from being consumed. You will work with stakeholders to design, implement and support these systems. You will need to use a variety of techniques, including automated scanning tools and promotion processes to manage the flow of software.

We’ll trust you to:

• Design and build systems that secure and provide visibility into Bloomberg’s software supply chain
• Work with upstream packaging ecosystems to implement secure designs and practices
• Enable Engineering teams to safely and confidently consume Open Source Software
• Help improve productivity for over 6000 developers by creating solutions that integrate with their day-to-day tooling and workflows
• Build and integrate with systems for protecting Bloomberg and it’s customers from vulnerabilities and malicious code in the Open Source Software 

You’ll need to have:

• Knowledge of all parts of the SDLC
• A drive to partner and collaborate with stakeholders and team members alike
• Ability to engage technical client base of engineers and communicate security requirements, potential risks and influence development practices
• Working knowledge of Linux environments
• Experience designing and implementing software in one more languages
• An understanding of current and emerging threat vectors in the software supply chain attack space

We’d love to see:

• Experience with security practices and taking a shift-left approach
• Familiarity with Open Source communities and engagement
• A working understanding of multiple language ecosystems
• A background in DevOps, software infrastructure or similar discipline
• Knowledge of Software Composition Analysis tooling and processes
• An understanding of Software Supply Chain Security principles and standards (such as SLSA)

At Bloomberg we are extremely proud of our diverse, open, and inclusive culture. We value diversity of thought and perspective in every form. We're looking for engineers with a real passion for writing reusable, efficient solutions to complex problems, who can adapt to an ever-changing market landscape, and who can collaborate and work effectively on small teams to develop software that impacts thousands of financial institutions and decision makers around the world.

If this sounds like you, please apply!

Bloomberg is an equal opportunity employer and we value diversity at our company. We do not discriminate on the basis of age, ancestry, color, gender identity or expression, genetic predisposition or carrier status, marital status, national or ethnic origin, race, religion or belief, sex, sexual orientation, sexual and other reproductive health decisions, parental or caring status, physical or mental disability, pregnancy or maternity/parental leave, protected veteran status, status as a victim of domestic violence, or any other classification protected by applicable law.

Bloomberg is a disability inclusive employer. Please let us know if you require any reasonable adjustments to be made for the recruitment process. If you would prefer to discuss this confidentially, please email amer_recruit@bloomberg.net