Sr. Application Security Engineer

Location: Remote in Texas

About Illumio:

Illumio is the leader in ransomware and breach containment, redefining how organizations contain cyberattacks and enable operational resilience. Powered by the Illumio AI Security Graph, our breach containment platform identifies and contains threats across hybrid multi-cloud environments – stopping the spread of attacks before they become disasters.

Recognized as a Leader in the Forrester Wave™ for Microsegmentation, Illumio enables Zero Trust, strengthening cyber resilience for the infrastructure, systems, and organizations that keep the world running.

About the Team:

The Office of the CTO and Security team sets the strategic technical direction of the company while keeping both Illumio and our customers secure. Those who join us represent the leader in Zero Trust Segmentation and maintain Illumio’s competitive advantage by exploring new technologies while collaborating with Engineering and Product Management.

We are looking for people who leverage differences and push the pace of innovation in a time when the world faces its greatest cybersecurity threats in history.  

The Illumio Information Security team is responsible for securing our products, our data, and our technology assets. We believe security is an enabler, and our objective is to help the business be successful. As an Application Security Engineer, you will be responsible for securing our products, using a combination of review, assessment, testing, and automation. But you won't be alone – although we are specialists each in our own way, we wear many hats and work collaboratively to help each other be successful.

Key Responsibilities:

• Collaborate cross-functionally to secure the Illumio product line

• Help ensure security of the product is prioritized while supporting the business, operational, and usability requirements of the product

• Perform secure design architecture reviews and threat modeling of new and existing Illumio products

• Build, deploy, operate, and automate solutions for static analysis and dynamic application security testing, using a mixture of commercial, open-source, and in-house tools

• Triage security findings from both internal and external sources to identify and address actionable issues

• Provide consultation and guidance to developers on improving the security of Illumio's products

• Research new security trends, and continually improve our internal processes, procedures, and tools, implementing new approaches to address the changing threat landscape

• Become knowledgeable on Illumio's products, to facilitate stronger collaboration with internal teams

• Participate in weekly on-call rotations

Experience:

Along with experience in application security, you should have:

• Working knowledge of the OWASP Application Security Verification Standard (ASVS) and Common Weakness Enumeration (CWE) Top 25

• Experience in carrying out application security risk assessments independently using a combination of source code inspection, manual testing, and automated scanning

• A strong understanding of Agile software development and feature-driven development processes

• Previous development experience preferred

• A data-driven, analytical mindset

• The ability to express yourself clearly when communicating in written or verbal form

Pay Range:

$145,000 USD - $167,000 USD

The pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, location, experience, knowledge, skills, abilities, as well as internal equity, alignment with market data, or applicable laws.

Benefits:

At Illumio we offer a wide range of benefits to our eligible team members. Our benefit programs vary by location and can include Medical, Dental, Vision Coverage – Health and Dependent Savings Accounts – Life and Disability Programs – Paid Parental Leave – Voluntary Benefit Programs – Company Sponsored Wellness Program – Wellness Reimbursement Program - Retirement Savings – Equity Opportunities – Paid time off and Paid Holidays – Employee Incentive Program. #LI-KD1 #LI-REMOTE

All official job offers from our company are extended directly by our recruitment team and will be sent through an official DocuSign document for your review and signature. Please be aware that we do not ask for any personal information in the process of extending offers of employment, such as financial details or social security numbers. Upon acceptance of any offer, we will request such information as part of the onboarding process prior to or on your first day of employment, and only after completing a background check through an authorized third-party vendor. If you receive any communication asking for personal details outside of these processes, please contact us immediately to verify the authenticity of the request. Your security is important to us, and we are committed to a safe and transparent hiring experience.