Software Engineer, Application Security

About Glean :

Founded in 2019, Glean is an innovative AI-powered knowledge management platform designed to help organizations quickly find, organize, and share information across their teams. By integrating seamlessly with tools like Google Drive, Slack, and Microsoft Teams, Glean ensures employees can access the right knowledge at the right time, boosting productivity and collaboration. The company's cutting-edge AI technology simplifies knowledge discovery, making it faster and more efficient for teams to leverage their collective intelligence.

Glean was born from Founder & CEO Arvind Jain's deep understanding of the challenges employees face in finding and understanding information at work. Seeing firsthand how fragmented knowledge and sprawling SaaS tools made it difficult to stay productive, he set out to build a better way - an AI-powered enterprise search platform that helps people quickly and intuitively access the information they need. Since then, Glean has evolved into the leading Work AI platform, combining enterprise-grade search, an AI assistant, and powerful application- and agent-building capabilities to fundamentally redefine how employees work.

About the Role :

Glean is looking for an experienced Application Security Engineer with a primary focus on ensuring that our entire technology stack is free of software vulnerabilities (CVEs). This role is responsible for securing our base OS images, ensuring all open-source software (OSS) dependencies are scanned and patched, and integrating cutting-edge security tools into our CI / CD pipeline. The ideal candidate will drive the adoption of solutions like Google's Assured Open Source Software (OSS) and explore alternative approaches to enhance software security.

This role will lead the vulnerability management charter at Glean, identifying, evaluating, and implementing new security technologies and processes to proactively protect our infrastructure.

You will :

• Own and lead the vulnerability management lifecycle , ensuring our entire tech stack is free from known CVEs.
• Implement and manage secure base OS images , ensuring all underlying systems remain hardened against security threats.
• Continuously scan, monitor, and patch OSS dependencies to mitigate supply chain risks and enforce best practices for dependency management.
• Research and evaluate trusted open-source security solutions like Google's Assured Open Source Software and recommend their adoption where applicable.
• Work closely with engineering teams to integrate state-of-the-art SAST, DAST, and dependency scanning tools into the CI / CD pipeline to detect and remediate vulnerabilities early.
• Define and maintain best practices for secure coding to ensure all code developed by Glean engineers is free from vulnerabilities.
• Develop automated security validation tests to enforce vulnerability-free deployments across the stack.
• Lead the adoption and, if necessary, develop custom security solutions to manage and mitigate security risks at scale.
• Provide security guidance, training, and mentorship to engineering teams to foster a security-first culture at Glean.

About you :

Key Knowledge & Skills :

Why Join Us?

At Glean, we believe in empowering individuals to do their best work in an inclusive and diverse environment. We do not discriminate based on gender, ethnicity, sexual orientation, religion, civil or family status, age, disability, or race. We're building a culture that values curiosity, collaboration, and impact.

If you're excited about leading the charge in securing a cutting-edge AI-powered search platform, we'd love to hear from you!

Benefits

Location :

For California based applicants :

The standard base salary range for this position is $185,000 - $280,000 annually. Compensation offered will be determined by factors such as location, level, job-related knowledge, skills, and experience. Certain roles may be eligible for variable compensation, equity, and benefits.

We are a diverse bunch of people and we want to continue to attract and retain a diverse range of people into our organization. We're committed to an inclusive and diverse company. We do not discriminate based on gender, ethnicity, sexual orientation, religion, civil or family status, age, disability, or race.

#LI-HYBRID