Security Engineer

At Anaplan, we are a team of innovators who are focused on optimizing business decision-making through our leading scenario planning and analysis platform so our customers can outpace their competition and the market.

What unites Anaplanners across teams and geographies is our collective commitment to our customers’ success and to our Winning Culture.

Our customers rank among the who’s who in the Fortune 50. Coca-Cola, LinkedIn, Adobe, LVMH and Bayer are just a few of the 2,400+ global companies that rely on our best-in-class platform.

Our Winning Culture is the engine that drives our teams of innovators. We champion diversity of thought and ideas, we behave like leaders regardless of title, we are committed to achieving ambitious goals and we have fun celebrating our wins.

Supported by operating principles of being strategy-led, values-based and disciplined in execution, you’ll be inspired, connected, developed and rewarded here. Everything that makes you unique is welcome; join us and be your best self!

About the Role 

As a Product Security Engineer, you will be directly involved in implementing and improving Anaplan’s product security practices. You’ll collaborate with development teams, evaluate security tools, and contribute to secure design and coding efforts in a more independent capacity than an Associate. 

Individual Contributor Focus: 

• Works semi-autonomously, owning smaller security projects end-to-end. 

• Communicates with adjacent engineering teams to advocate for secure solutions. 

• Develops stronger “selling” skills for security initiatives, though scope is typically focused at the engineering team level. 

Responsibilities 

• Secure SDLC Integration: Work closely with product and engineering teams to integrate security controls throughout the software development lifecycle. 

• Threat Modeling & Risk Assessment: Conduct basic threat modeling exercises, identifying potential vulnerabilities and proposing mitigation strategies. 

• Tooling & Automation: Enhance security tooling in CI/CD pipelines, improving accuracy and efficiency in vulnerability detection. 

• Incident & Vulnerability Response: Investigate security findings, assess risk, and coordinate remediation with product teams. 

Qualifications 

• Experience: 2+ years in application security, software engineering, or related roles with a security focus. 

• Technical Skills: Proficiency in at least one programming language (e.g., Java, Python) and familiarity with CI/CD systems. 

• Communication: Able to explain basic security concepts to cross-functional teammates, contributing to collaborative problem-solving. 

Nice to Have 

• Experience with container security (Docker, Kubernetes). 

• Familiarity with Infrastructure as Code security (Terraform, CloudFormation). 

• Security certifications (e.g., CompTIA Security+, GIAC). 

Our Commitment to Diversity, Equity, Inclusion and Belonging 

Build your career in a place that thrives on diversity, equity, inclusion, and belonging. We believe in a hiring and working environment where all people are respected and valued, regardless of gender identity or expression, sexual orientation, religion, ethnicity, age, neurodiversity, disability status, citizenship, or any other aspect which makes people unique. We hire you for who you are, and we want you to bring your authentic self to work every day! 

We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, perform essential job functions, and receive equitable benefits and all privileges of employment. Please contact us to request accommodation. 

Fraud Recruitment Disclaimer 

It has come to our attention that fraudulent and fictitious job opportunities are being circulated on the Internet. Prospective candidates are being contacted by certain individuals, mainly through telephone calls, emails and correspondence, claiming they are representatives of Anaplan. The main purpose of these correspondences and announcements is to obtain privileged information from individuals.  

Anaplan does not: 

• Extend offers to candidates without an extensive interview process with a member of our recruitment team and a hiring manager via video or in person.  
• Send job offers via email. All offers are first extended verbally by a member of our internal recruitment team whenever possible, and then followed up via written communication. 

All emails from Anaplan would come from an @anaplan.com email address. Should you have any doubts about the authenticity of an email, letter or telephone communication purportedly from, for, or on behalf of Anaplan, please send an email to people@anaplan.com before taking any further action in relation to the correspondence.