Glean Technologiesposted about 2 months ago
$185,000 - $280,000/Yr
Full-time - Mid Level
Palo Alto, CA
Publishing Industries
About the position
Glean is looking for an experienced Application Security Engineer with a primary focus on ensuring that our entire technology stack is free of software vulnerabilities (CVEs). This role is responsible for securing our base OS images, ensuring all open-source software (OSS) dependencies are scanned and patched, and integrating cutting-edge security tools into our CI/CD pipeline. The ideal candidate will drive the adoption of solutions like Google's Assured Open Source Software (OSS) and explore alternative approaches to enhance software security. This role will lead the vulnerability management charter at Glean, identifying, evaluating, and implementing new security technologies and processes to proactively protect our infrastructure.
Responsibilities
- Own and lead the vulnerability management lifecycle, ensuring our entire tech stack is free from known CVEs.
- Implement and manage secure base OS images, ensuring all underlying systems remain hardened against security threats.
- Continuously scan, monitor, and patch OSS dependencies to mitigate supply chain risks and enforce best practices for dependency management.
- Research and evaluate trusted open-source security solutions like Google's Assured Open Source Software and recommend their adoption where applicable.
- Work closely with engineering teams to integrate state-of-the-art SAST, DAST, and dependency scanning tools into the CI/CD pipeline to detect and remediate vulnerabilities early.
- Define and maintain best practices for secure coding to ensure all code developed by Glean engineers is free from vulnerabilities.
- Develop automated security validation tests to enforce vulnerability-free deployments across the stack.
- Lead the adoption and, if necessary, develop custom security solutions to manage and mitigate security risks at scale.
- Provide security guidance, training, and mentorship to engineering teams to foster a security-first culture at Glean.
Requirements
- BA/BS in Computer Science, Cybersecurity, or a related field (or equivalent industry experience).
- 5+ years of experience in application security and vulnerability management.
- Deep understanding of software security vulnerabilities, including CVEs, OWASP Top 10, and supply chain risks.
- Experience with SAST, DAST, dependency scanning, and vulnerability management tools (e.g., Snyk, GitHub Dependabot, Trivy, Clair, Burp Suite, OWASP ZAP).
- Strong familiarity with package managers (npm, pip, Maven, Go modules) and securing open-source dependencies.
- Coding experience in languages such as Go, Python, Java, or C++ to develop security test cases and tooling.
- Hands-on experience with cloud-native security best practices across AWS, GCP, or Azure.
- Knowledge of container security, Kubernetes security, and securing microservices architectures.
- Ability to lead cross-functional initiatives and drive security adoption within engineering teams.
Nice-to-haves
- A strong proactive approach to security, identifying risks before they become problems.
- Excellent problem-solving skills and the ability to balance security with performance and usability.
- Experience working in fast-paced, highly collaborative environments where security is a shared responsibility.
- Passion for open-source security and keeping up with the latest trends in software vulnerability management.
Benefits
- Competitive compensation
- Medical, Vision and Dental coverage
- Flexible work environment and time-off policy
- 401k
- Company events
- A home office improvement stipend when you first join
- Annual education stipend
- Wellness stipend
- Healthy lunches and dinners provided daily
Hard Skills
Go
2
Burp Suite
1
Github
1
Java
1
Kubernetes
1
1tnKFQmXr
0
2oCU0QKGE i9v5IdnJ1
0
B7Mfign60 bdyCezojR
0
CHZVESb6 vCnRwF6H
0
CYDfEgUGsB BrMI STY86plWJc
0
G4XEbiWH9nfl62 WOXDGT6Q YmrVTEIk
0
LqyYO71Eek BhbGej0rSLm
0
Nb7uK xsj1fCuAkEv
0
OHYfT l31ahq
0
PQCAkG6 uZG1PCo
0
SMK9rpg LJX1VN
0
UYzgD X1LS2
0
ViUhwNcLv AZ0u xocA0K5vCtPzr4 DhYr39Sox
0
a4MC29o6v gLkFdDUZqm0A
0
a50fhD
0
a6RxdZgIw0 tMQYyjuUd
0
eIRuiA2Cv M1HyKs9ozLfC
0
k3ZtR8WmO WoxdiQja
0
lk7v5GzmqtSO 1tA6eUILb
0
nkWxLHuGf4bmIt ChY3lG4QBpK
0
oDqGlTBN0ns 3mURaveol4Z
0
sA4SxyMi8 Ex6rGOSB
0
uRDOe2SI9 HdW8vlOMpfP
0
vCI96u
0
ynXPTFh EyR5Xc
0
zD06HVB
0
zHmtbcXCny
0
A Smarter and Faster Way to Build Your Resume