Staff Application Security Engineer

This is a fully remote position, open to applicants in India.

📋 Description

• Oversee the incorporation of security best practices throughout every stage of the software development lifecycle, ensuring the robust protection of Ivanti’s products, services, and IT assets.

• Develop innovative and scalable security tools, processes, and solutions to proactively identify, remediate, and mitigate vulnerabilities across large and complex codebases.

• Craft secure architectures, conduct thorough threat modeling, and lead penetration testing and code reviews on both web and mobile applications to uphold the highest security standards.

• Collaborate with development, operations, and architecture teams to thoroughly integrate security into DevOps practices and promote a culture of continuous security awareness within the organization.

• Spearhead security education initiatives by providing clear, actionable training and documentation to cross-functional teams, and by driving vulnerability remediation efforts with stakeholders from various technical backgrounds.

• Work alongside global product and engineering teams, business leaders, and third-party security vendors to analyze vulnerability reports and coordinate effective security solutions and disclosure programs.

• Guide stakeholders on prioritizing vulnerabilities, implementing secure coding standards, utilizing cryptographic techniques, and adopting industry-leading security protocols and compliance practices.

⛳️ Requirements

• More than 8 years of experience in web application security, with extensive technical expertise in both common and advanced security vulnerabilities, exploitation techniques, and effective remediation strategies.

• Established proficiency in applied cryptography, threat modeling, vulnerability assessment (including CVSS scoring and penetration testing), as well as secure software development practices across SSDLC and CI/CD pipelines.

• Experience in implementing and maintaining security tools and processes for large-scale codebases (such as SAST, SCA, DAST, container scanning), along with providing secure coding education to developers.

• Strong programming skills (ideally in Python), with the capability to articulate complex security concepts clearly to a wide range of technical and non-technical stakeholders.

• Proven ability to work collaboratively across functions in cooperative environments, contributing to responsible disclosure, bug bounty, and vulnerability management programs, as well as securing cloud and SaaS environments at scale.

🏝️ Benefits

• Remote-friendly, flexible schedules: Empower excellence in every setting and elevate human potential.

• Competitive compensation & total rewards: Including health, wellness, and financial plans tailored for you and your family.

• Global, diverse teams: Collaborate with talented people from 23+ countries.

• Learning & development: Grow your skills with access to best-in-class learning tools and programs.

• Equity & belonging: We value every voice. Your story helps inform our solutions for a changing world.