Smartsheet is hiring a Senior Software Engineer, Platform Security (Remote from Bulgaria)

Smartsheet is seeking a Senior Software Engineer to join its Security Application Development team, focusing on designing, building, and maintaining robust security features for its SaaS platform. The role emphasizes secure-by-design development, integration of security into the SDLC, and leveraging AI tools to improve productivity and system design, all while ensuring the platform's resilience and trustworthiness.

What You'll Do

• Design, build, and implement security features and functionalities directly into the SaaS product using modern programming languages such as Java, Kotlin, Go, TypeScript, Python, and associated frameworks.
• Develop scalable back-end services and APIs with a security-first mindset, ensuring high availability and performance in a multi-cloud environment (primarily AWS).
• Collaborate with product and engineering teams to embed security best practices throughout the entire software development lifecycle, from design to deployment.
• Engineer and automate security controls, threat detection mechanisms, and vulnerability remediation processes within the application.
• Participate actively in code reviews and architectural discussions, advocating for secure coding practices and robust security designs.
• Tackle complex security challenges related to data protection, access control, authentication, authorization, and secure communication within a distributed system.
• Create and maintain API integrations between internal and external systems.
• Implement and test API solutions to ensure they meet functionality, performance, and security standards.
• Monitor API performance and address any integration challenges or issues.
• Serve as a subject matter expert in application security, mentoring junior engineers and fostering a culture of security ownership across development teams.
• Strategically apply and champion AI tools within the team's domain to improve project execution, system design, quality, and debugging.
• Lead adoption of AI best practices and drive measurable productivity gains.
• Assist in global 24/7 SOC operations during daytime working hours with security incident remediation.

What We're Looking For

• 5+ years of progressive software development experience, with at least 3 years focused on building security features or secure applications.
• A BS or MS in Computer Science, Engineering, or a related field, or equivalent industry experience.
• Expert-level proficiency in at least one major programming language such as Java, Kotlin, Go, or Python with a proven history of building scalable and secure applications.
• Deep experience with cloud technologies (AWS, Azure, etc.), particularly in securing cloud-native applications.
• Experience developing, documenting, and supporting secure REST APIs.
• Strong understanding of common security vulnerabilities (e.g., OWASP Top 10) and mitigation techniques.
• Experience with containerization and orchestration technologies (Kubernetes) in a secure development context.
• Proficiency with modern security tools and practices, including static application security testing (SAST), dynamic application security testing (DAST), and software composition analysis (SCA).
• A critical thinker with a proven ability to troubleshoot complex security-related problems in high-pressure production environments.
• Excellent verbal and written communication skills and a collaborative spirit.
• Fluency in English is required.
• 1 year professional experience leveraging AI-based workflows to author, maintain, review, deploy, and maintain code.
• 1+ years building AI features that incorporate generative AI or agentic workflows to solve customer problems with measurable business impact.
• Legally eligible to work in Bulgaria on an ongoing basis.

Nice to Have

• Advanced industry certifications such as CSSLP, OSCP, or cloud-specific security certifications.

Technical Stack

• Java, Kotlin, Go, TypeScript, Python, AWS, REST APIs, Kubernetes, SAST, DAST, SCA, OWASP Top 10

Team & Environment

• Security Application Development team

Benefits & Compensation

• Freedom to explore, push boundaries, and grow beyond your role.
• Opportunity to contribute in a culture where ideas are heard and potential is supported.
• Inclusive environment that welcomes diverse perspectives and nontraditional paths.
• Work that has real impact and connects to something bigger.

Work Mode

• Remote work available for candidates based in Bulgaria.

Smartsheet is an Equal Opportunity (EEO) employer committed to fostering an inclusive environment with the best employees. It is our policy to provide equal employment opportunities to all qualified applicants in accordance with applicable laws in the US, UK, Australia, Germany, Costa Rica, Japan, Bulgaria, and India. All qualified applicants will receive consideration without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, protected veteran or disabled status, or genetic information. If there are preparations we can make to help ensure you have a comfortable and positive interview experience, please let us know.