We're Hiring! Software Quality & Compliance Lead

We're Hiring! Software Quality & Compliance Lead

Experience: 5 years

Location: Los Angeles, CA

Salary: 90K-100K Annually

Benefits: Full Comprehensive & Flexible PTO

Role Summary

Own the end-to-end quality bar across products and services. Define engineering standards, lead independent verification & validation, and operate the final quality/compliance gate before releases.

Key Responsibilities

• Define, maintain, and enforce secure SDLC and quality policies across codebases and services.
• Lead independent V&V activities with objective evidence for acceptance.
• Conduct systematic code and design reviews (manual tool-assisted) to prevent defects and regressions.
• Build and maintain automated quality gates in CI/CD (tests, coverage, SAST/DAST/SCA, license checks, SBOM generation).
• Drive software supply-chain hygiene (dependency governance, artifact signing, provenance, vulnerability SLAs).
• Own test strategy: plans, requirements traceability, environments, data, and the full defect lifecycle (triage → fix → verify → close).
• Prepare audit-ready documentation (test reports, risk registers, CAPAs) and lead corrective/preventive actions.
• Mentor engineers; publish playbooks, checklists, and run training sessions.
• Define and report KPIs (defect escape rate, MTTR for vulnerabilities, coverage, flaky-test rate, policy adherence).
• Serve as final go/no-go approver against quality and compliance criteria.

Minimum Qualifications

• 5 years in software quality, DevSecOps, security engineering, or V&V for cloud, distributed, or embedded/edge systems.
• Hands-on experience with automated testing and CI/CD quality gates.
• Proficiency with at least two of: SAST, DAST, IAST, SCA, coverage/reporting frameworks, end-to-end testing tools.
• Strong grasp of secure SDLC and modern software supply-chain practices (SBOMs, attestations, artifact signing).
• Proficiency in one or more languages (e.g., Python, TypeScript/JavaScript, Go, C/C ).
• Excellent documentation discipline and clear, concise communication.

Nice to Have

• Background in mission-critical, safety-critical, or regulated environments.
• Threat modeling and risk management (e.g., STRIDE), fuzzing, and runtime security.
• IaC security and policy-as-code (e.g., Terraform, OPA).
• Familiarity with standards/guidelines like CERT or MISRA where relevant.
• Prior experience leading a quality/compliance or V&V function.

Typical Tooling (illustrative)

• Versioning/CI: GitHub/GitLab, CI runners
• Code Quality: CodeQL, Semgrep, SonarQube
• App Sec: OWASP ZAP/Burp, Snyk/Dependabot, Trivy/Grype
• Testing: pytest, Jest, Playwright/Cypress
• Governance: SBOM (CycloneDX/SPDX), artifact signing (e.g., cosign), reporting dashboards

Other Requirements

• Must be US Citizen or permanent Green Card holder.
• Must be commuting distance of Santa Monica, CA.

Why Join Hidonix

• Collaborative, supportive team culture where cross-functional work is the norm and everyone contributes to problem-solving.
• Fast-paced, innovation-driven culture that values creativity, problem-solving, and technical mastery.
• Flexible PTO and comprehensive benefits that support work–life balance.
• Salary of 90K-100K Annually.