Senior Security Engineer

Security at scale requires engineers who've built software at scale. We're looking for a senior engineer who's spent years in the codebase-shipping features, debugging production incidents, and understanding what makes systems break-and who's now ready to focus that expertise on making our products fundamentally more secure.

You won't just review code. You'll partner with engineering teams to shape how we build, threat model early designs, and drive security improvements that eliminate entire classes of vulnerabilities. If you've been the engineer teammates ping when something "feels off" security-wise, or you've been a Security Champion itching to go deeper-this role is for you.

What You'll Do

• Partner with engineering teams to embed security into product design from day one-not as a gate, but as a collaborator who understands the tradeoffs
• Lead threat modeling for new features and architectures, helping teams think like attackers while shipping with confidence
• Drive secure-by-default patterns across the organization-build the guardrails, tooling, and paved roads that make the secure path the easy path
• Own security assessments end-to-end: scoping, execution, findings, and working with teams through remediation
• Respond to and lead complex security incidents, coordinating cross-functional response and turning incidents into lasting improvements
• Level up the team-mentor engineers across the organization on secure development practices and help grow our security culture

Do you have experience in Penetration testing?, * Strong software engineering foundation: 5+ years building production software (backend, full-stack, or platform engineering). You've shipped real products and understand the pressures engineering teams face.

• Security depth through practice: You've developed security expertise organically-as a Security Champion, through leading secure design initiatives, building security tooling, or driving security improvements on your team. Formal security titles not required.
• Technical breadth: Solid understanding of modern infrastructure-cloud platforms (AWS, GCP, or Azure), containerization (Docker, Kubernetes), and secure development practices.
• Communication that lands: You can explain security risks to a PM, debate architecture tradeoffs with a principal engineer, and write docs that developers actually read.

Nice to Have

• Experience with threat modeling frameworks and security design review processes at scale
• Background in penetration testing, vulnerability research, or red teaming
• Contributions to the security community (open source, bug bounty, research, talks)
• Advanced certifications (OSCP, CISSP, GWEB, GIAC)
• Experience with zero-trust architectures, identity & access management, or cryptographic systems

At Anaplan, we are a team of innovators focused on optimizing business decision-making through our leading AI-infused scenario planning and analysis platform so our customers can outpace their competition and the market. What unites Anaplanners across teams and geographies is our collective commitment to our customers' success and to our Winning Culture. Our customers rank among the who's who in the Fortune 50. Coca-Cola, LinkedIn, Adobe, LVMH and Bayer are just a few of the 2,400+ global companies who rely on our best-in-class platform. Our Winning Culture is the engine that drives our teams of innovators. We champion diversity of thought and ideas, we behave like leaders regardless of title, we are committed to achieving ambitious goals, and we love celebrating our wins - big and small. Supported by operating principles of being strategy-led, values-based and disciplined in execution, you'll be inspired, connected, developed and rewarded here. Everything that makes you unique is welcome; join us and let's build what's next - together!