Lead Product Security Engineer

We’re passionate about technology. We love making it, and we love using it. Joining Appian Engineering will provide you with the opportunity to learn in an environment that values cross-functional collaboration and is committed to personal and professional growth. We want to revolutionize the way people work, and in doing so, we develop the Appian platform to be simple so our customers can thrive.

As a Lead Product Security Engineer, your mission is to ensure that our customers can trust our platform with their most sensitive business processes and data. You will play an important role in defining and implementing strategic, technical, and operational objectives of the product security program at Appian. You will help establish industry-leading security processes and practices at each phase of the software development lifecycle; design, implement, and review the security features of our platform; assist product management with the prioritization of critical security-related activities; organize educational initiatives and materials.

• Mature Appian’s security automation for software security, compliance, cloud, and Kubernetes infrastructure to enhance coverage and ease the burden on developers

• Partner with development teams to conduct architecture reviews, threat modeling, code reviews, and penetration testing to align with industry best practices and compliance requirements

• Participate in strategic activities to advance Appian’s Product Security program, and define secure architecture and procedures for the product and organization

• Publish relevant, high-quality content about new security features, patterns, and processes to internal technical documentation site

• Manage Appian’s Bug Bounty program including researcher engagement and promotion development

• Resolve customer questions related to the security of Appian’s products and validate any customer submitted findings

• Educate team members and all engineers on security standards and best practices, establishing regular educational activities, as well as recommending and attending appropriate training and conferences

• Report and escalate urgent threats and risks to Engineering leadership and Incident Response

• Passionate about security, keep up latest research, best practices, conferences, and find learning opportunities to get hands-on

• Strong communication, negotiation, and collaboration skills with immediate team and stakeholders across the organization

• Demonstrated technical and security background with a interest in security automation, product, cloud, and Kubernetes