Platform Security Engineer

About Glean

We're on a mission to make knowledge work faster and more humane. We believe that AI will fundamentally transform how people work. In the future, everyone will work in tandem with expert AI assistants who find knowledge, create and synthesize information, and execute work. These assistants will free people up to focus on the higher-level, creative aspects of their work.

We're building a system of intelligence for every company in the world. On the surface, you can think of it as Google + ChatGPT for the enterprise. Under the hood, our platform is the connective tissue between AI and knowledge. It brings all of a company's knowledge together, understands it at a deep level, provides industry-leading search relevance over it, and connects it to generative AI agents and applications.

Glean was founded by a seasoned team of former Google search and Facebook engineers who saw a need in the enterprise space for their technical depth and passion for AI. We're a diverse team of curious and creative people who want to help each other get big things done-so we can help other teams do the same.

We're backed by some of the Valley's leading venture capitalists-including Sequoia, Kleiner Perkins, Lightspeed, and General Catalyst-and have assembled a world-class team with senior leadership experience at Google, Slack, Facebook, Dropbox, Rubrik, Uber, Intercom, Pinterest, Palantir, and others.

Role

Glean is seeking a talented Platform Security Engineer to join our growing team. In this role, you will play a critical role in developing and maintaining the security foundation of our platform. You will be responsible for designing, implementing, and testing security features across various software components.

What you will do and achieve

• Design, develop, and maintain secure software for core platform functionalities, particularly focusing on:

• Authentication and authorization systems

• Secure communication channels between services (e.g., API security)

• Secure data storage and access controls

• Collaborate with cross-functional teams (engineering, product) to integrate security best practices throughout the development lifecycle.

• Stay up-to-date on the latest security threats, vulnerabilities, and mitigation strategies.

• Conduct security code reviews and identify potential security risks in existing codebases.

• Develop and implement automated security testing procedures.

• Respond to security incidents and participate in incident response procedures.

• Continuously improve the platform's security posture by identifying and implementing security enhancements.

• Document security processes, procedures, and best practices.

Who you are

• BA/BS in computer science, or related degree, MS a strong plus

• Minimum 5+ years of experience in software development with a strong focus on security aspects

• Proven experience in designing and implementing secure authentication and authorization systems

• In-depth understanding of secure coding principles and best practices (e.g., OWASP Top 10)

• Experience with secure communication protocols (e.g., TLS/SSL)

• Familiarity with security testing tools and methodologies (e.g., static code analysis, penetration testing)

• Excellent problem-solving and analytical skills

• Strong communication and collaboration skills

• Ability to work independently and as part of a cross-functional team

• Passion for security and a commitment to building secure and reliable systems

Key knowledge and skills

• Thrive in a customer-focused, tight-nit and cross-functional environment - being a team player and willing to take on whatever is most impactful for the company is a must.

• A proactive and positive attitude to lead, learn, troubleshoot and take ownership of both small tasks and large features.

• An interest/desire to learn and own various aspects of security.

• Strong coding skills (for example in Go/Python/Java/C++ etc) with an emphasis on designing for reliability and scale, and writing well-tested components.

• Experience with cloud security principles and tools (AWS Security, GCP Security)

• Experience with container security (Docker Security, Kubernetes Security)

Benefits

• Competitive compensation

• Medical, Vision and Dental coverage

• Flexible work environment and time-off policy

• 401k

• Company events

• A home office improvement stipend when you first join

• Annual education stipend

• Wellness stipend

• Healthy lunches and dinners provided daily

For California based applicants:

The standard base salary range for this position is $185,000 - $280,000 annually. Compensation offered will be determined by factors such as location, level, job-related knowledge, skills, and experience. Certain roles may be eligible for variable compensation, equity, and benefits.

We are a diverse bunch of people and we want to continue to attract and retain a diverse range of people into our organization. We're committed to an inclusive and diverse company. We do not discriminate based on gender, ethnicity, sexual orientation, religion, civil or family status, age, disability, or race.