Software Engineer, Application Security

Glean

Location:
United States, San Francisco Bay Area

Contract Type:
Not provided

Salary:

185000.00 - 280000.00 USD / Year

Job Description:

Glean is looking for an experienced Application Security Engineer with a primary focus on ensuring that our entire technology stack is free of software vulnerabilities (CVEs). This role is responsible for securing our base OS images, ensuring all open-source software (OSS) dependencies are scanned and patched, and integrating cutting-edge security tools into our CI/CD pipeline. The ideal candidate will drive the adoption of solutions like Google’s Assured Open Source Software (OSS) and explore alternative approaches to enhance software security. This role will lead the vulnerability management charter at Glean, identifying, evaluating, and implementing new security technologies and processes to proactively protect our infrastructure.

Job Responsibility:

  • Own and lead the vulnerability management lifecycle, ensuring our entire tech stack is free from known CVEs
  • Implement and manage secure base OS images, ensuring all underlying systems remain hardened against security threats
  • Continuously scan, monitor, and patch OSS dependencies to mitigate supply chain risks and enforce best practices for dependency management
  • Research and evaluate trusted open-source security solutions like Google’s Assured Open Source Software and recommend their adoption where applicable
  • Work closely with engineering teams to integrate state-of-the-art SAST, DAST, and dependency scanning tools into the CI/CD pipeline to detect and remediate vulnerabilities early
  • Define and maintain best practices for secure coding to ensure all code developed by Glean engineers is free from vulnerabilities
  • Develop automated security validation tests to enforce vulnerability-free deployments across the stack
  • Lead the adoption and, if necessary, develop custom security solutions to manage and mitigate security risks at scale
  • Provide security guidance, training, and mentorship to engineering teams to foster a security-first culture at Glean

Requirements:

  • BA/BS in Computer Science, Cybersecurity, or a related field (or equivalent industry experience)
  • 5+ years of experience in application security and vulnerability management
  • Deep understanding of software security vulnerabilities, including CVEs, OWASP Top 10, and supply chain risks
  • Experience with SAST, DAST, dependency scanning, and vulnerability management tools (e.g., Snyk, GitHub Dependabot, Trivy, Clair, Burp Suite, OWASP ZAP)
  • Strong familiarity with package managers (npm, pip, Maven, Go modules) and securing open-source dependencies
  • Coding experience in languages such as Go, Python, Java, or C++ to develop security test cases and tooling
  • Hands-on experience with cloud-native security best practices across AWS, GCP, or Azure
  • Knowledge of container security, Kubernetes security, and securing microservices architectures
  • Ability to lead cross-functional initiatives and drive security adoption within engineering teams

Nice to have:

  • A strong proactive approach to security, identifying risks before they become problems
  • Excellent problem-solving skills and the ability to balance security with performance and usability
  • Experience working in fast-paced, highly collaborative environments where security is a shared responsibility
  • Passion for open-source security and keeping up with the latest trends in software vulnerability management

What we offer:

  • Competitive compensation
  • Medical, Vision and Dental coverage
  • Flexible work environment and time-off policy
  • 401k
  • Company events
  • A home office improvement stipend when you first join
  • Annual education stipend
  • Wellness stipend
  • Healthy lunches and dinners provided daily

Additional Information:

Job Posted:
January 06, 2026

Employment Type:
Fulltime
Work Type:
Hybrid work

Similar Jobs for Software Engineer, Application Security

Principal Software Engineer – Cloud Security

Principal Software Engineer – Cloud Security role at Hewlett Packard Enterprise,...
Location:
Israel, Tel Aviv
Salary:
Not provided
Hewlett Packard Enterprise
Expiration Date:
Until further notice
Requirements:
  • Bachelor's or master’s degree in computer science, engineering, information systems, or closely related quantitative discipline
  • Typically, 10-15 years’ experience
  • Deep expertise in software systems design, development methodologies, and integration across diverse platforms and technologies
  • Strong business acumen, focusing on aligning technological initiatives with business goals and driving sustainable growth and profitability
  • Exceptional analytical and problem-solving skills, with the ability to navigate complex technical challenges and drive impactful solutions
  • Track record of driving technological innovation, with a portfolio of patents and successful product deployments
  • Exceptional communication and stakeholder management skills, with the ability to effectively convey complex technical concepts to non-technical audiences and influence decision-making at the executive level
Job Responsibility:
  • Leads the identification, evaluation, and adoption of cutting-edge technologies, innovations, and strategic partnerships to drive growth and competitiveness
  • Drives developing and implementing robust methodologies, standards, and best practices for software systems design, development, and integration
  • Leverages recognized domain expertise and experience to influence decisions
  • Collaborates with executive leadership to align technology initiatives with business objectives, ensuring technology investments deliver measurable value and impact
  • Champion a culture of continuous innovation, thought leadership, and excellence in software systems design and help build technical community
  • Provides strategic guidance and mentorship to senior technical teams, fostering a culture of collaboration, creativity, and high-performance outcomes
  • Analyzes science, engineering, business, and other data processing problems to develop and implement solutions to complex application problems, system administration issues, or network concerns
What we offer:
  • Health & Wellbeing
  • Personal & Professional Development
  • Unconditional Inclusion
  • Fulltime

Application Security Engineer

In the HPE Hybrid Cloud, we lead the innovation agenda and technology roadmap fo...
Location:
India, Hyderabad
Salary:
Not provided
Hewlett Packard Enterprise
Expiration Date:
Until further notice
Requirements:
  • Bachelor's degree in Computer Science, Information Security, or a related field
  • 5+ years of experience in application security, including hands-on experience with security testing tools and techniques
  • Strong understanding of web application security concepts, including OWASP Top 10 vulnerabilities and secure coding practices
  • Experience with security testing tools such as Burp Suite, OWASP ZAP, and code analysis tools like SonarQube or Checkmarx, Snyk
  • Proficiency in at least one programming language (e.g., Java, Python, JavaScript) and ability to review and understand code
  • Familiarity with software development methodologies (e.g., Agile, DevOps) and their impact on security practices
  • Excellent analytical and problem-solving skills, with attention to detail
  • Strong communication and interpersonal skills, with the ability to collaborate effectively with cross-functional teams
  • Certifications such as CISSP, CEH, or CASE (Java), or equivalent
  • Demonstrated ability to work independently and prioritize tasks in a fast-paced environment
Job Responsibility:
  • Conduct thorough security assessments of applications, identifying vulnerabilities and weaknesses in code, architecture, and configurations
  • Collaborate closely with development teams to integrate security best practices into the software development lifecycle (SDLC) and ensure secure coding standards are followed
  • Perform regular security testing, including static code analysis, dynamic application scanning, and penetration testing, to identify and mitigate security risks
  • Analyze security incidents and provide timely response and remediation actions to mitigate potential threats
  • Develop and maintain security documentation, including security requirements, design documents, and security testing reports
  • Assist in the design and implementation of security controls and mechanisms to protect sensitive data and critical systems
  • Stay up-to-date with emerging security threats and industry best practices, and recommend security enhancements and controls accordingly
  • Provide security guidance and support to cross-functional teams, including developers, architects, and project managers
  • Participate in security reviews and audits, ensuring compliance with security policies, standards, and regulatory requirements
  • Collaborate with third-party vendors and partners to assess the security posture of integrated systems and applications
What we offer:
  • Health & Wellbeing
  • Personal & Professional Development
  • Unconditional Inclusion
  • Fulltime

Software Engineer 3 - Cloud Security

This role has been designed as ‘Hybrid’ with an expectation that you will work o...
Location:
United States, San Jose
Salary:
90400.00 - 208500.00 USD / Year
Hewlett Packard Enterprise
Expiration Date:
Until further notice
Requirements:
  • Bachelor's or Master's degree in Computer Science, Information Systems, or equivalent
  • Typically 2-4 years experience
  • Using software systems design tools and languages
  • Ability to apply analytical and problem solving skills
  • Designing software systems running on multiple platform types
  • Software systems testing methodology, including execution of test plans, debugging, and testing scripts and tools
  • Strong written and verbal communication skills
  • Mastery in English and local language
  • Ability to effectively communicate design proposals and negotiate options
Job Responsibility:
  • Designs limited enhancements, updates, and programming changes for portions and subsystems of systems software, including operating systems, compilers, networking, utilities, databases, and Internet-related tools
  • Analyzes design and determines coding, programming, and integration activities required based on specific objectives and established project guidelines
  • Executes and writes portions of testing plans, protocols, and documentation for assigned portion of application
  • Identifies and debugs issues with code and suggests changes or improvements
  • Participates as a member of project team of other software systems engineers and internal and outsourced development partners to develop reliable, cost effective and high quality solutions for assigned systems portion or subsystem
  • Collaborates and communicates with internal and outsourced development partners regarding software systems design status, project progress, and issue resolution
What we offer:
  • Health & Wellbeing
  • Personal & Professional Development
  • Unconditional Inclusion
  • Fulltime

Senior Application Security Engineer

This role involves embedding security into software delivery pipelines, designin...
Location:
India, Bangalore
Salary:
Not provided
Hewlett Packard Enterprise
Expiration Date:
Until further notice
Requirements:
  • 5–8+ years of experience in Application Security, Product Security, or Secure Software Development
  • hands-on experience securing software delivery pipelines (CI/CD) and source code repositories (GitHub, GitLab, Jenkins)
  • knowledge of supply chain security frameworks and controls (e.g., SLSA, NIST SSDF)
  • familiarity with secrets management, artifact signing (Sigstore, Cosign), and build integrity practices
  • hands-on experience with WAF tuning, API security controls, and vulnerability remediation
  • proficiency with one or more programming languages (Python, Java, Go, JavaScript/Node.js)
  • experience with SAST, DAST, SCA, and container image scanning tools
  • cloud security experience with AWS, Azure, or GCP
  • deep understanding of OWASP Top 10 (Web + API), CWE, and secure coding practices
Job Responsibility:
  • secure SDLC & DevSecOps integration
  • design and implement security controls for build and release pipelines (GitHub Actions, Jenkins, GitLab, Azure DevOps)
  • ensure code integrity via signing, artifact scanning, and build provenance
  • automate SAST, DAST, SCA, and container image scanning as part of the software delivery pipeline
  • identify and remediate misconfigurations in pipeline environments and access control
  • design, implement, and monitor WAF rules and API protections
  • perform API risk assessments
  • champion secure design patterns
  • conduct secure code reviews and support automation of testing pipelines
  • triage, prioritize, and track security issues identified in code, pipelines, and deployed environments
What we offer:
  • comprehensive suite of benefits that supports physical, financial and emotional wellbeing
  • programs catered to helping you reach career goals
  • inclusive work environment
  • Fulltime

Software Security Engineer

Internship position for a Security Engineer to work on security assurance toolin...
Location:
France, Paris
Salary:
1500.00 EUR / Month
Ledger
Expiration Date:
Until further notice
Requirements:
  • Experience in C (mandatory)
  • Strong understanding of memory corruption and undefined behaviour
  • Strong understanding of established automated security analysis techniques (fuzzing, abstract interpretation based static analysis, symbolic execution)
  • Good knowledge of exploitation techniques and mitigations
  • Basic understanding of LLMs and curiosity about their use in security evaluation
  • Ability to formalize and effectively communicate work in written and spoken English
  • Basic working knowledge of Git
Job Responsibility:
  • Research and implement various automated security analysis techniques including fuzzing, static analysis or symbolic execution
  • Build up a benchmark to compare and identify the most relevant solutions in the context of embedded applications
  • Refine and extend existing tools with opportunities to explore the use of LLMs
  • Integrate and deploy work into CI pipelines
  • Contribute to security reviews of new embedded applications or features
  • Develop new fuzzing harnesses or improve on existing ones
  • Present work and results internally and to engineering teams
What we offer:
  • Social events, snacks and drinks
  • Transportation allowance
  • Lunch vouchers with Swile
  • Vacation: 1 day off for every full month of work in addition to national holidays
  • Fulltime

Software Engineer / Senior Software Engineer

ARiA is looking for highly motivated self-starters and low-ego team players to j...
Location:
United States, Madison; Alexandria; Seattle
Salary:
Not provided
Applied Research in Acoustics
Expiration Date:
Until further notice
Requirements:
  • Applicants selected for employment will be subject to a government security investigation and must meet eligibility requirements, including U.S. citizenship, for access to sensitive information
  • Bachelor’s degree or greater in a relevant technical field (Computer Science, Engineering, or equivalent)
  • Expertise designing and developing code using modern programming/scripting languages such as C, C++, Golang, JavaScript (and variants), and Python
  • Expertise developing and deploying software in an agile, continuous-integration (CI) framework across a variety of hardware platforms (desktop, server, cloud) using modern tools including containerization (e.g., Docker, Kubernetes)
  • Exceptional ability and desire to acquire new knowledge and skills to solve challenges
  • Ability to work independently but collaboratively
  • Ability to manage multiple projects in a fast-paced professional office environment
  • Ability to communicate technical solutions to colleagues and customers
  • Superior oral and written communications skills
Job Responsibility:
  • Algorithm and software design, development, research, and testing to support prototypes and products
  • Supporting the transition of research algorithms to fielded systems
  • Preparing documentation to summarize design and status of prototypes and products
  • Assisting with in-field integration, testing, and support, with some local travel required
  • Developing an interface between a C++ underwater-acoustics physics engine and a video game for education and training
  • Developing a JavaScript backend for a scenario-design and management tool for players and integration of that system with a learning-management system (LMS)
  • Developing algorithms and software for a cloud-deployed cognitive tool that allows natural-language query of legal documents to answer user questions about government regulations and supporting the DevOps process for deployment of the prototype
  • Fulltime

Staff Application Security Engineer

As a Staff Application Security Engineer at Culture Amp, you will play a pivotal...
Location:
Australia, Melbourne; Sydney
Salary:
Not provided
Culture Amp
Expiration Date:
Until further notice
Requirements:
  • Extensive experience in application security engineering, with a proven track record of leading security initiatives in SaaS or cloud-native environments
  • Deep technical expertise in secure software development, secure coding practices, and common security frameworks (e.g., OWASP Top 10, NIST, PCI, SOC 2)
  • Proficiency in multiple programming languages (e.g., Ruby, Python, JavaScript, Go) and experience with modern web application architectures and cloud platforms (e.g. AWS)
  • Strong knowledge of security automation, CI/CD integration, and DevSecOps practices
  • Experience designing and implementing security tools, frameworks, and processes that scale with developer velocity
  • Demonstrated ability to lead and influence cross-functional teams, drive change, and deliver results in ambiguous or complex environments
  • Excellent communication skills, with the ability to explain complex security concepts to technical and non-technical audiences
  • Experience mentoring and developing engineers, and a passion for building a culture of security and continuous improvement
  • Familiarity with security-related compliance requirements and standards relevant to SaaS businesses
Job Responsibility:
  • Lead and drive the most complex and high-impact application security reviews, threat modeling, and risk assessments across our product portfolio, providing expert guidance and direction for other team members
  • Collaborate with engineering, product, and platform teams to embed security into the SDLC, including secure design, code review, and automated security testing (DevSecOps)
  • Develop and scale security automation, tools, and centralized libraries that enable developers to build secure applications efficiently and at scale
  • Proactively identify, assess, and address security risks and vulnerabilities in our SaaS environment, including cloud-native and microservices architectures
  • Own and evolve our vulnerability management programs, ensuring timely triage, remediation, and communication of security issues
  • Mentor and support engineers across the organization, fostering a culture of security awareness, knowledge sharing, and continuous learning
  • Influence and drive cross-functional security initiatives, partnering with compliance, privacy, and infrastructure teams to meet regulatory and customer requirements (e.g., SOC 2, ISO 27001, OWASP)
  • Stay current with the latest security threats, technologies, and best practices, and advocate for their adoption within Culture Amp
  • Represent Culture Amp’s security expertise internally and externally, including supporting customer security reviews and contributing to the broader security community
What we offer:
  • Employee Share Options Program
  • Programs, coaching, and budgets to help you thrive personally and professionally
  • Access to external providers for mental wellbeing and coaching support
  • Monthly Camper Life Allowance
  • Team budgets dedicated to team building activities and connection
  • Intentional quarterly wellbeing pauses
  • Extended year-end breaks
  • Excellent parental leave and in work support program available from day 1
  • 5 Social Impact Days a year
  • MacBooks for you to do your best & a work from home office budget

Staff Application Security Engineer

As a Staff Application Security Engineer at Culture Amp, you will play a pivotal...
Location:
Australia, Sydney
Salary:
Not provided
Culture Amp
Expiration Date:
Until further notice
Requirements:
  • Extensive experience in application security engineering, with a proven track record of leading security initiatives in SaaS or cloud-native environments
  • Deep technical expertise in secure software development, secure coding practices, and common security frameworks (e.g., OWASP Top 10, NIST, PCI, SOC 2)
  • Proficiency in multiple programming languages (e.g., Ruby, Python, JavaScript, Go) and experience with modern web application architectures and cloud platforms (e.g. AWS)
  • Strong knowledge of security automation, CI/CD integration, and DevSecOps practices
  • Experience designing and implementing security tools, frameworks, and processes that scale with developer velocity
  • Demonstrated ability to lead and influence cross-functional teams, drive change, and deliver results in ambiguous or complex environments
  • Excellent communication skills, with the ability to explain complex security concepts to technical and non-technical audiences
  • Experience mentoring and developing engineers, and a passion for building a culture of security and continuous improvement
  • Familiarity with security-related compliance requirements and standards relevant to SaaS businesses
Job Responsibility:
  • Lead and drive the most complex and high-impact application security reviews, threat modeling, and risk assessments across our product portfolio, providing expert guidance and direction for other team members
  • Collaborate with engineering, product, and platform teams to embed security into the SDLC, including secure design, code review, and automated security testing (DevSecOps)
  • Develop and scale security automation, tools, and centralized libraries that enable developers to build secure applications efficiently and at scale
  • Proactively identify, assess, and address security risks and vulnerabilities in our SaaS environment, including cloud-native and microservices architectures
  • Own and evolve our vulnerability management programs, ensuring timely triage, remediation, and communication of security issues
  • Mentor and support engineers across the organization, fostering a culture of security awareness, knowledge sharing, and continuous learning
  • Influence and drive cross-functional security initiatives, partnering with compliance, privacy, and infrastructure teams to meet regulatory and customer requirements (e.g., SOC 2, ISO 27001, OWASP)
  • Stay current with the latest security threats, technologies, and best practices, and advocate for their adoption within Culture Amp
  • Represent Culture Amp’s security expertise internally and externally, including supporting customer security reviews and contributing to the broader security community
What we offer:
  • Employee Share Options Program
  • Programs, coaching, and budgets to help you thrive personally and professionally
  • Access to external providers for mental wellbeing and coaching support
  • Monthly Camper Life Allowance
  • Team budgets dedicated to team building activities and connection
  • Intentional quarterly wellbeing pauses
  • Extended year-end breaks
  • Excellent parental leave and in work support program available from day 1
  • 5 Social Impact Days a year
  • MacBooks for you to do your best & a work from home office budget
  • Fulltime