Application Security Engineer at Glean

<div class="content-intro"><div><span style="font-family: helvetica, arial, sans-serif; color: rgb(0, 0, 0); font-size: 12pt;"><strong>About Glean:</strong></span></div> <div>&nbsp;</div> <div><span style="font-size: 12pt; font-family: helvetica, arial, sans-serif;">Glean is the Work AI platform that helps everyone work smarter with AI. What began as the industry’s most advanced enterprise search has evolved into a full-scale Work AI ecosystem, powering intelligent Search, an AI Assistant, and scalable AI agents on one secure, open platform. With over 100 enterprise SaaS connectors, flexible LLM choice, and robust APIs, Glean gives organizations the infrastructure to govern, scale, and customize AI across their entire business - without vendor lock-in or costly implementation cycles.</span></div> <div>&nbsp;</div> <div><span style="font-size: 12pt; font-family: helvetica, arial, sans-serif;">At its core, Glean is redefining how enterprises find, use, and act on knowledge. Its Enterprise Graph and Personal Knowledge Graph map the relationships between people, content, and activity, delivering deeply personalized, context-aware responses for every employee. This foundation powers Glean’s agentic capabilities - AI agents that automate real work across teams by accessing the industry’s broadest range of data: enterprise and world, structured and unstructured, historical and real-time. The result: measurable business impact through faster onboarding, hours of productivity gained each week, and smarter, safer decisions at every level.</span></div> <div>&nbsp;</div> <div><span style="font-size: 12pt; font-family: helvetica, arial, sans-serif;">Recognized by Fast Company as one of the World’s Most Innovative Companies (Top 10, 2025), by CNBC’s Disruptor 50, Bloomberg’s AI Startups to Watch (2026), Forbes AI 50, and Gartner’s Tech Innovators in Agentic AI, Glean continues to accelerate its global impact. With customers across 50+ industries and 1,000+ employees in more than 25 countries, we’re helping the world’s largest organizations make every employee AI-fluent, and turning the superintelligent enterprise from concept into reality.</span></div> <div>&nbsp;</div> <div><span style="font-size: 12pt; font-family: helvetica, arial, sans-serif;">If you’re excited to shape how the world works, you’ll help build systems used daily across Microsoft Teams, Zoom, ServiceNow, Zendesk, GitHub, and many more - deeply embedded where people get things done. You’ll ship agentic capabilities on an open, extensible stack, with the craft and care required for enterprise trust, as we bring Work AI to every employee, in every company.</span></div></div><div>&nbsp;</div> <div><span style="font-size: 12pt; font-family: helvetica, arial, sans-serif; color: rgb(0, 0, 0);"><strong>About the Role:</strong></span></div> <p><span style="font-size: 12pt; font-family: helvetica, arial, sans-serif; color: rgb(0, 0, 0);">Glean is looking for an&nbsp;<strong>Application Security Engineer</strong> with a primary focus on ensuring that our entire technology stack is free of software vulnerabilities (CVEs). This role is responsible for securing our base OS images, ensuring all open-source software (OSS) dependencies are scanned and patched, and integrating cutting-edge security tools into our CI/CD pipeline. The ideal candidate will drive the adoption of solutions like Google’s Assured Open Source Software (OSS) and explore alternative approaches to enhance software security.</span></p> <p><span style="font-size: 12pt; font-family: helvetica, arial, sans-serif; color: rgb(0, 0, 0);"><strong>You will:</strong></span></p> <ul> <li style="font-size: 12pt; font-family: helvetica, arial, sans-serif; color: rgb(0, 0, 0);"><span style="font-size: 12pt; font-family: helvetica, arial, sans-serif; color: rgb(0, 0, 0);">Implement and improve the vulnerability management lifecycle, ensuring our entire tech stack is free from known vulnerabilities/CVEs.</span></li> <li style="font-size: 12pt; font-family: helvetica, arial, sans-serif; color: rgb(0, 0, 0);"><span style="font-size: 12pt; font-family: helvetica, arial, sans-serif; color: rgb(0, 0, 0);">Continuously scan, monitor, and patch OSS dependencies to mitigate supply chain risks and enforce best practices for dependency management.</span></li> <li style="font-size: 12pt; font-family: helvetica, arial, sans-serif; color: rgb(0, 0, 0);"><span style="font-size: 12pt; font-family: helvetica, arial, sans-serif; color: rgb(0, 0, 0);">Work closely with engineering teams to integrate state-of-the-art SAST, DAST, and dependency scanning tools into the CI/CD pipeline to detect and remediate vulnerabilities early.</span></li> <li style="font-size: 12pt; font-family: helvetica, arial, sans-serif; color: rgb(0, 0, 0);"><span style="font-size: 12pt; font-family: helvetica, arial, sans-serif; color: rgb(0, 0, 0);">Define and maintain best practices for secure coding to ensure all code developed by Glean engineers is free from vulnerabilities.</span></li> <li style="font-size: 12pt; font-family: helvetica, arial, sans-serif; color: rgb(0, 0, 0);"><span style="font-size: 12pt; font-family: helvetica, arial, sans-serif; color: rgb(0, 0, 0);">Ensure secure posture in SDLC by securing designs, conducting secure code reviews and penetration testing the features.</span></li> <li style="font-size: 12pt; font-family: helvetica, arial, sans-serif; color: rgb(0, 0, 0);"><span style="font-size: 12pt; font-family: helvetica, arial, sans-serif; color: rgb(0, 0, 0);">Develop automated security validation tests to enforce vulnerability-free deployments across the stack.</span></li> <li style="font-size: 12pt; font-family: helvetica, arial, sans-serif; color: rgb(0, 0, 0);"><span style="font-size: 12pt; font-family: helvetica, arial, sans-serif; color: rgb(0, 0, 0);">Lead the adoption and, if necessary, develop custom security solutions to manage and mitigate security risks at scale.</span></li> <li style="font-size: 12pt; font-family: helvetica, arial, sans-serif; color: rgb(0, 0, 0);"><span style="font-size: 12pt; font-family: helvetica, arial, sans-serif; color: rgb(0, 0, 0);">Provide security guidance, training, and mentorship to engineering teams to foster a security-first culture at Glean.</span></li> </ul> <p><span style="font-size: 12pt; font-family: helvetica, arial, sans-serif; color: rgb(0, 0, 0);"><strong>About you:</strong></span></p> <ul> <li style="font-size: 12pt; font-family: helvetica, arial, sans-serif; color: rgb(0, 0, 0);"><span style="font-size: 12pt; font-family: helvetica, arial, sans-serif; color: rgb(0, 0, 0);">BA/BS in Computer Science, Cybersecurity, or a related field (or equivalent industry experience).</span></li> <li style="font-size: 12pt; font-family: helvetica, arial, sans-serif; color: rgb(0, 0, 0);"><span style="font-size: 12pt; font-family: helvetica, arial, sans-serif; color: rgb(0, 0, 0);">5+ years of experience in application security and vulnerability management.</span></li> <li style="font-size: 12pt; font-family: helvetica, arial, sans-serif; color: rgb(0, 0, 0);"><span style="font-size: 12pt; font-family: helvetica, arial, sans-serif; color: rgb(0, 0, 0);">Deep understanding of software security vulnerabilities, including CVEs, OWASP Top 10, and supply chain risks.</span></li> <li style="font-size: 12pt; font-family: helvetica, arial, sans-serif; color: rgb(0, 0, 0);"><span style="font-size: 12pt; font-family: helvetica, arial, sans-serif; color: rgb(0, 0, 0);">Deep understanding security design principles including but not limited to authentication, authorisation, RBAC, database security.</span></li> <li style="font-size: 12pt; font-family: helvetica, arial, sans-serif; color: rgb(0, 0, 0);"><span style="font-size: 12pt; font-family: helvetica, arial, sans-serif; color: rgb(0, 0, 0);">Experience with SAST, DAST, dependency scanning, and vulnerability management tools (e.g., Snyk, GitHub Dependabot, Trivy, Clair, Burp Suite, OWASP ZAP).</span></li> <li style="font-size: 12pt; font-family: helvetica, arial, sans-serif; color: rgb(0, 0, 0);"><span style="font-size: 12pt; font-family: helvetica, arial, sans-serif; color: rgb(0, 0, 0);">Strong familiarity with package managers (npm, pip, Maven, Go modules) and securing open-source dependencies.</span></li> <li style="font-size: 12pt; font-family: helvetica, arial, sans-serif; color: rgb(0, 0, 0);"><span style="font-size: 12pt; font-family: helvetica, arial, sans-serif; color: rgb(0, 0, 0);">Coding experience in languages such as Go, Python, Java, or C++ to develop security test cases and tooling.</span></li> <li style="font-size: 12pt; font-family: helvetica, arial, sans-serif; color: rgb(0, 0, 0);"><span style="font-size: 12pt; font-family: helvetica, arial, sans-serif; color: rgb(0, 0, 0);">Hands-on experience with cloud-native security best practices across AWS, GCP, or Azure.</span></li> <li style="font-size: 12pt; font-family: helvetica, arial, sans-serif; color: rgb(0, 0, 0);"><span style="font-size: 12pt; font-family: helvetica, arial, sans-serif; color: rgb(0, 0, 0);">Knowledge of container security, Kubernetes security, and securing microservices architectures.</span></li> <li style="font-size: 12pt; font-family: helvetica, arial, sans-serif; color: rgb(0, 0, 0);"><span style="font-size: 12pt; font-family: helvetica, arial, sans-serif; color: rgb(0, 0, 0);">Ability to lead cross-functional initiatives and drive security adoption within engineering teams.</span></li> <li style="font-size: 12pt; font-family: helvetica, arial, sans-serif; color: rgb(0, 0, 0);"><span style="font-size: 12pt; font-family: helvetica, arial, sans-serif; color: rgb(0, 0, 0);">A strong proactive approach to security, identifying risks before they become problems.</span></li> <li style="font-size: 12pt; font-family: helvetica, arial, sans-serif; color: rgb(0, 0, 0);"><span style="font-size: 12pt; font-family: helvetica, arial, sans-serif; color: rgb(0, 0, 0);">Excellent problem-solving skills and the ability to balance security with performance and usability.</span></li> <li style="font-size: 12pt; font-family: helvetica, arial, sans-serif; color: rgb(0, 0, 0);"><span style="font-size: 12pt; font-family: helvetica, arial, sans-serif; color: rgb(0, 0, 0);">Experience working in fast-paced, highly collaborative environments where security is a shared responsibility.</span></li> <li style="font-size: 12pt; font-family: helvetica, arial, sans-serif; color: rgb(0, 0, 0);"><span style="font-size: 12pt; font-family: helvetica, arial, sans-serif; color: rgb(0, 0, 0);">Passion for open-source security and keeping up with the latest trends in software vulnerability management.</span></li> </ul> <p><span style="font-size: 12pt; font-family: helvetica, arial, sans-serif; color: rgb(0, 0, 0);"><strong>Location:</strong></span></p> <ul> <li style="font-size: 12pt; font-family: helvetica, arial, sans-serif; color: rgb(0, 0, 0);"><span style="font-size: 12pt; font-family: helvetica, arial, sans-serif; color: rgb(0, 0, 0);">This role is hybrid (3 days a week in our Bangalore office)</span></li> </ul> <p><span style="font-size: 12pt; font-family: helvetica, arial, sans-serif; color: rgb(0, 0, 0);"><strong>Compensation &amp; Benefits:</strong></span></p> <p><span style="font-size: 12pt; font-family: helvetica, arial, sans-serif; color: rgb(0, 0, 0);">Compensation offered will be determined by factors such as location, level, job-related knowledge, skills, and experience. Certain roles may be eligible for variable compensation, equity, and benefits.</span></p> <p><span style="font-size: 12pt; font-family: helvetica, arial, sans-serif; color: rgb(0, 0, 0);">We are a diverse bunch of people and we want to continue to attract and retain a diverse range of people into our organization. We're committed to an inclusive and diverse company. We do not discriminate based on gender, ethnicity, sexual orientation, religion, civil or family status, age, disability, or race.<br><br>#LI-HYBRID<br></span></p><div class="content-conclusion"><div>&nbsp;</div> <div><span style="font-family: helvetica, arial, sans-serif; font-size: 12pt;"><strong>AI-First Mindset at Glean:</strong></span></div> <div>&nbsp;</div> <div><span style="font-size: 12pt; font-family: helvetica, arial, sans-serif;">At Glean, AI fluency is core to how we work and we're committed to ensuring every new hire feels confident integrating AI into their everyday work. <strong>As part of the interview process, you'll complete a brief AI-focused exercise or discussion so we can understand how you think about, design, and use AI to drive impact in your role. </strong>Feel free to reference any tools, platforms, or workflows you use today — prior Glean experience isn't required.</span></div> <div>&nbsp;</div> <div><span style="font-family: helvetica, arial, sans-serif; font-size: 12pt;"><strong>Global Data Privacy Notice for Job Candidates and Applicants:</strong></span></div> <div>&nbsp;</div> <div><span style="font-size: 12pt; font-family: helvetica, arial, sans-serif;">Depending on your location, the General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), or other privacy laws may regulate the way we manage the data of job applicants. Our full notice outlining how data will be processed as part of the application procedure for applicable locations is available in our <a href="https://www.glean.com/privacy"><strong>Privacy Policy</strong></a>. By submitting your application, you are agreeing to our use and processing of your data as required. US applicants and their applications are subject to arbitration of disputes as outlined in our <a href="https://www.glean.com/arbitrationagreement"><strong>Applicant Arbitration Agreement</strong></a>.</span></div> <div><span style="font-size: 12pt; font-family: helvetica, arial, sans-serif;"><br>By clicking “Submit Application,” I confirm that I have read the Global Data Privacy Notice and the <a href="https://www.glean.com/arbitrationagreement"><strong>Applicant Arbitration Agreement</strong></a>, and I agree to the terms.&nbsp;&nbsp;</span></div></div>