Anaplan is looking for a self-motivated SENIOR SECURITY ENGINEER to join our growing global Engineering team, based in our San Francisco office.
As a Senior Security Engineer, you will help drive the Product Security Architecture; Research function(s) for Anaplan development services. You will also be responsible for working with the other Engineers, Architects and Security teams across Anaplan, collectively providing guidance and strategies that improve the security posture for our employees and data. You will be working with business customers, Engineering management, infrastructure, development, project managers and other security teams to shape the vision, structure, standards and plan for solutions that support Anaplan's strategic business direction.
You'll join a team of individuals who embrace and respect diverse perspectives, aren't afraid to push boundaries and try new ideas and are passionate about helping our customers and each other succeed. We work hard, but we also don't wait for an excuse to have fun. In fact, we're so serious about it that it's one of our core values!
Located in the heart of the SOMA district, you can feel the excitement and energy of what we do at Anaplan when you step into our San Francisco office. We're a high-growth company developing best-in-class solutions to planning at an enterprise scale. Our customers rely on Anaplan as an always-on shared source of truth as they navigate the constant change and planning required to stay on top in the marketplacewe're pioneering the Connected Planning discipline to help business make decisions more quickly and decisively than ever before.
More about the role:
Conceive of and collaborate on novel ideas to identify risks at scale.
Rapidly prototype to assess effectiveness of project ideas.
Create tools/scripts to find AppSec risks at scale.
Stay on top of cutting-edge AppSec best practices, tools, etc., and assess their utility at Anaplan.
Understand new technologies and their strengths/weaknesses in the context of AppSec tooling.
Perform operational security reviews of feature implementations
Perform regular secure coding & secure design workshops for developers
Perform risk assessments of new and emerging threat types
Interface with QA teams by implementing automated security unit and functional tests
More about you:
Bachelor's degree in Computer Science, Engineering or a related discipline preferred, and substantial commercial experience in a similar role.
Prior experience in building pragmatic and effective security testing techniques/tools is a big plus.
Experience in threat modelling web applications and microservices.
Strong understanding of Modern Auth (SAML 2.0, OAuth)
Strong understanding of SSL certificate management, PKI, CA and their use.
Deep knowledge of web protocols and standards.
Experience in containers and their hardening/security
Clear understanding of security concepts e.g., Authentication, Authorisation.
Deep knowledge of application security vulnerabilities (OWASP Top 10) and mitigation techniques.
Knowledge of emerging threats, mitigations and industry trends.
Experience with SAST, DAST tools
Prior experience of AWS, GCP services and architectures
Experience with GCP is a Huge plus
You have a genuine passion for security, a respect for the development process and a firm desire to help improve our products. You thrive in an environment that deeply values collaboration, feedback and learning.
You believe that quality is something we all take ownership of, and write high-quality, testable code. You have experience using Test Driven Development and more importantly, you want to make use of that experience. You can apply Agile development principals and push for modern best practices in software development and deployment.
What We Offer:
A rewarding, progressive career with a company that values diversity and understands the need for a good work/life balance.
Market-leading salaries combined with bonuses, and a comprehensive range of benefits.
Regular Agile meet-ups, events and hackathons.
Flexible working, a well stocked kitchen, and plenty of parties & events.
3 days of paid leave every year to help support the charity or cause of your choice.
Huge problems to solve you will constantly be learning and pushing boundaries, working with some of the smartest people around!
Anaplan (NYSE: PLAN) is pioneering the category of Connected Planning. Our platform, powered by our proprietary Hyperblock technology, enables dynamic, collaborative, and intelligent planning. Large and fast-growing global enterprises use our solution to connect people, data, and plans across the business, enabling real-time planning and decision-making in rapidly changing business environments. Based in San Francisco, we have over 20 offices globally, 250 partners, and over 1,200 customers worldwide.
Learn about our history, see our recognitions and achievements, and take a look at what it's like to work at Anaplan.
Get to know more about working at Anaplan by checking out our social channels. #AnaplanLOVE
CAN'T FIND THE PERFECT ROLE FOR YOU? NEW OPPORTUNITIES ARE OPENING UP DAILY: ANAPLAN.COM/CAREERS
Anaplan is committed to equality and diversity in the workplace and all aspects of employment, including the decision to hire, promote, discipline, or discharge, is based on merit, competence, performance, and business needs. We do not discriminate on the basis of race, national origin, religion, marital status, physical or mental disability, medical condition, gender, sexual orientation, or any other status protected under applicable law.