Senior Application Security Engineer

Company Description

“Illumio, the leader in micro-segmentation, prevents the spread of breaches inside data center and cloud environments. Enterprises such as Morgan Stanley, BNP Paribas, Salesforce, and Oracle NetSuite use Illumio to reduce cyber risk and achieve regulatory compliance. The Illumio Adaptive Security Platform® uniquely protects critical information with real-time application dependency and vulnerability mapping coupled with micro-segmentation that works across any data center, public cloud, or hybrid cloud deployment on bare-metal, virtual machines, and containers. For more information, visit or follow us @illumio.”

Job Description

You’ve got the passion. You’ve got the skills. Now you just need the right opportunity. If you can quote CWEs and CVEs in your sleep, if your passion is finding and fixing application vulnerabilities, if you enjoy evangelizing application security principles and processes every day and twice on Sundays … then we would like to have you on our team. Come join us in revolutionizing security for the enterprise in the cloud era. At Illumio, you’ll have the chance to join a team of smart and talented people who are on a mission to change the world with Adaptive Segmentation and Security -- in the Cloud, in the Data Center, and beyond.

The Sr. Application Security Engineer is a key member of Illumio’s security team, reporting to the office of the CTO. In this role, you will work closely with Illumio engineering and other application teams to assess the application threat landscape, build security into the SDLC, and perform deep-dive penetration testing and manual code review.

You will:
•    Be an Application Security driver and evangelist inside Illumio
•    Run threat modeling for cloud and enterprise application scenarios
•    Guide development teams in best practices across all stages of the SDLC
•    Automate and integrate security into agile development processes and CI/CD pipelines
•    Assess and exploit Illumio product vulnerabilities
•    Respond to external reports from customers, researchers, third party testers, and bug bounties
•    Build, buy, operate, and maintain application security tools
•    Monitor and respond to Open Source Software weaknesses and exposures


•    3+ years of applicable experience
•    Application security experience with interpreted and compiled programming languages 
•    Application security experience with Windows and Linux binaries
•    Experience working with teams on multi-tiered, complex web applications (Java, Ruby, Python, C++, etc.)
•    White box and black box penetration testing experience
•    Strong analytical skills and learning agility
•    Strong interpersonal and communication skills

•    Secure SDLC experience
•    Previous startup experience
•    CISSP and/or other security certifications are a plus
•    BS or MS in Computer Science or a related field

Additional Information

All your information will be kept confidential according to EEO guidelines.
