Company Summary
As the recognized global standard for project-based businesses, Deltek delivers software and information solutions to help organizations achieve their purpose. Our market leadership stems from the work of our diverse employees who are united by a passion for learning, growing and making a difference.
At Deltek, we take immense pride in creating a balanced, values-driven environment, where every employee feels included and empowered to do their best work. Our employees put our core values into action daily, creating a one-of-a-kind culture that has been recognized globally. Thanks to our incredible team, Deltek has been named one of America's Best Midsize Employers by Forbes, a Best Place to Work by Glassdoor, a Top Workplace by The Washington Post and a Best Place to Work in Asia by World HRD Congress.
For more information please visit www.deltek.com
Business Summary
The Deltek Global Cloud team focuses on the delivery of first-class services and solutions for our customers. We are an innovative and dynamic team that is passionate about transforming the Deltek cloud services that power our customers project success. Our diverse, global team works cross-functionally to make an impact on the business. If you want to work in a transformational environment, where education and training are encouraged, consider Deltek as the next step in your career!
Position Responsibilities
POSITION SUMMARY:
Deltek is looking for an energetic and driven person to join our Product Security Team. The team member will be focused on DevSecOps, specifically building internal security tooling, designing and maintaining DevSecOps pipelines, and guiding SaaS product security throughout the entire lifecycle, including design, development, deployment, and operations. They'll work closely with Deltek's product and engineering teams to implement security at scale using a risk-based approach.
The ideal candidate will have strong development skills with experience in DevOps, Application Security (AppSec), and Cloud Security (CloudSec). They will be building and enhancing our internal Application Security Posture Management (ASPM) system, developing automation for pipeline orchestration and security tool integration, and creating solutions that improve the speed and reliability of our security operations. They will be reviewing the security of web and/or desktop applications, be capable of running and interpreting reports from Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), Software Composition Analysis (SCA), and Mobile Application Security Testing (MAST) tools.
The ability to read, write, and review application code is required. They should be able to work and communicate security information with engineering, product management, and senior leadership in an effective manner. Knowledge of Application Security and Cloud Security is required to be successful in this role.
ESSENTIAL DUTIES AND RESPONSIBILITIES:
- Development and Automation – Design, develop, and maintain internal security tooling and automation, including:
- Application Security Posture Management (ASPM) system development and enhancement
- DevSecOps pipeline design, implementation, and optimization for speed and reliability
- Security tool integration and orchestration automation
- APIs and integrations connecting security tools with ticketing, reporting, and compliance systems
- Manage and monitor security throughout the product lifecycle from development to operations with a DevSecOps mindset.
- Application Security – Collaborate with development and engineering to ensure security steps are performed, findings are analyzed, and remediation is performed during the Software Development Lifecycle (SDLC). This includes:
- Threat Modeling
- Static Application Security Testing (SAST)
- Software Composition Analysis (SCA)
- Dynamic Application Security Testing (DAST)
- Cloud Security – Ensure cloud security processes are completed, and findings remediated prior to deployment to production. These include:
- Infrastructure as Code (IaC), Orchestration, and Automation security
- Cloud Security Posture Management (CNAPP, CSPM)
- Container, and Host Security (CNAPP, CWPP, VMDR)
- Endpoint Protection (EPP)
- Network Security and Edge Security
- Compliance – Maintain compliance with internal policy, industry standards, and regulations, including FedRAMP, NIST 800-171, and CMMC.
- Data Encryption
- Logging and Monitoring
- OS Patching and Vulnerability Remediation
- CIS Benchmarks and DISA STIGs
- Identify false positives or misconfigurations that can improve tool outputs.
- Lead remediation and continuous improvement across the product security posture with effective countermeasures and targeted mitigations.
- Develop clear risk insight from analysis of application security findings.
- Ability to perform work after normal business hours.
- Keep up to date with application security trends.
- Operating vulnerability management processes, suggesting applicable change controls, and security exceptions.
Qualifications
ESSENTIAL KNOWLEDGE & SKILLS:
Desired Education & Experience:
- Bachelor's Degree in a related field (Computer Science, Software Engineering, Cybersecurity, etc.) or equivalent experience.
- Security certification – CompTIA, CSSLP, GIAC, ISC2, etc.
- 7+ years experience in software development, DevOps, cloud security, application security, DevSecOps, or related area
Technical Knowledge and Skill:
- Strong proficiency in one or more programming languages (e.g., Python, JavaScript/TypeScript, Java, C#, Go) with experience building production applications.
- Experience designing and implementing CI/CD pipelines (Azure DevOps, GitHub Actions, Jenkins, GitLab CI, etc.).
- Experience building internal tooling, automation systems, or security platforms.
- Strong knowledge of security principles and best practices.
- Experience with Secure SDLC tools, including SAST, SCA, and DAST.
- Experience with security for SaaS/Cloud-delivered products, including vulnerability management, cloud security, container security, and DevSecOps.
- Familiarity with web frameworks, REST APIs, and database technologies.
- Experience with security automation and orchestration.
- Experience with vulnerability management processes.
- Credibility and high professionalism.
- Strong analytical and creative problem-solving skills.
- Strong verbal, written, and presentation skills; collaborative, innovative, and curious.
- Attention to detail and follow-through on tasks.
- Position will work closely with Deltek staff in the Philippines, India, US, and EU.
The above statements are intended to describe the general nature and level of work being performed by incumbents assigned to this job. This is not intended to be an exhaustive list of all the responsibilities, duties, and skills required. The duties may be changed, and other duties may be assigned.
Career Interests
Engineering
Position Type
FT
Travel Requirements
10%
Applicant Privacy Notice
Deltek is committed to the protection and promotion of your privacy. In connection with your application for employment with us at Deltek, it is necessary for us to collect, store and use information about you (Personal Data) to administer and evaluate your application. We are the controller of the Personal Data you provide us and will process any such Personal Data in accordance with applicable law and the statements contained in this Employment Candidate Privacy Notice . Additionally, we have not sold and do not sell Personal Data you provide to us through the job application process. 
