Glean Technologies, Inc.
Software Engineer, Application Security
Glean Technologies, Inc., San Francisco, California, United States, 94199
Glean is the Work AI platform that helps everyone work smarter with AI. What began as the industry’s most advanced enterprise search has evolved into a full‑scale Work AI ecosystem, powering intelligent Search, an AI Assistant, and scalable AI agents on one secure, open platform. With over 100 enterprise SaaS connectors, flexible LLM choice, and robust APIs, Glean gives organizations the infrastructure to govern, scale, and customize AI across their entire business – without vendor lock‑in or costly implementation cycles.
About the Role: We are looking for an experienced Application Security Engineer focused on ensuring that our entire technology stack is free of software vulnerabilities (CVEs). The role is responsible for securing our base OS images, ensuring all open‑source software (OSS) dependencies are scanned and patched, and integrating cutting‑edge security tools into our CI/CD pipeline. The ideal candidate will drive the adoption of solutions like Google’s Assured Open Source Software (OSS) and explore alternative approaches to enhance software security.
This role will lead the vulnerability management charter at Glean, identifying, evaluating, and implementing new security technologies and processes to proactively protect our infrastructure.
You will:
Own and lead the vulnerability management lifecycle, ensuring our entire tech stack is free from known CVEs.
Implement and manage secure base OS images, ensuring all underlying systems remain hardened against security threats.
Continuously scan, monitor, and patch OSS dependencies to mitigate supply chain risks and enforce best practices for dependency management.
Research and evaluate trusted open‑source security solutions like Google’s Assured Open Source Software and recommend their adoption where applicable.
Work closely with engineering teams to integrate state‑of‑the‑art SAST, DAST, and dependency scanning tools into the CI/CD pipeline to detect and remediate vulnerabilities early.
Define and maintain best practices for secure coding to ensure all code developed by Glean engineers is free from vulnerabilities.
Develop automated security validation tests to enforce vulnerability‑free deployments across the stack.
Lead the adoption and, if necessary, develop custom security solutions to manage and mitigate security risks at scale.
Provide security guidance, training, and mentorship to engineering teams to foster a security‑first culture at Glean.
About you:
BA/BS in Computer Science, Cybersecurity, or a related field (or equivalent industry experience).
5+ years of experience in application security and vulnerability management.
Deep understanding of software security vulnerabilities, including CVEs, OWASP Top 10, and supply chain risks.
Experience with SAST, DAST, dependency scanning, and vulnerability management tools (e.g., Snyk, GitHub Dependabot, Trivy, Clair, Burp Suite, OWASP ZAP).
Strong familiarity with package managers (npm, pip, Maven, Go modules) and securing open‑source dependencies.
Coding experience in languages such as Go, Python, Java, or C++ to develop security test cases and tooling.
Hands‑on experience with cloud‑native security best practices across AWS, GCP, or Azure.
Knowledge of container security, Kubernetes security, and securing microservices architectures.
Ability to lead cross‑functional initiatives and drive security adoption within engineering teams.
Key Knowledge & Skills:
A strong proactive approach to security, identifying risks before they become problems.
Excellent problem‑solving skills and the ability to balance security with performance and usability.
Experience working in fast‑paced, highly collaborative environments where security is a shared responsibility.
Passion for open‑source security and keeping up with the latest trends in software vulnerability management.
Why Join Us? At Glean, we believe in empowering individuals to do their best work in an inclusive and diverse environment. We do not discriminate based on gender, ethnicity, sexual orientation, religion, civil or family status, age, disability, or race. We’re building a culture that values curiosity, collaboration, and impact.
Benefits:
Competitive compensation
Medical, Vision and Dental coverage
Flexible work environment and time‑off policy
401k
Company events
A home office improvement stipend when you first join
Annual education stipend
Wellness stipend
Healthy lunches and dinners provided daily
Location: Hybrid (3‑4 days a week in the SF Bay Area office)
Compensation: For California-based applicants, the standard base salary range for this position is $185,000 – $280,000 annually. Compensation offered will be determined by factors such as location, level, job‑related knowledge, skills, and experience. Certain roles may be eligible for variable compensation, equity, and benefits.
EEO & Diversity Statement: We do not discriminate based on gender, ethnicity, sexual orientation, religion, civil or family status, age, disability, or race. We are committed to an inclusive and diverse company.