Senior Application Security Engineer (AI & Vulnerability)

About the role:

We’re seeking a talented Senior Application/Product Security Engineer with hands-on experience deploying managing and operating modern Vulnerability Management platforms. In this role you’ll work alongside technical product managers and engineers across the company to maintain Samsara’s Vulnerability Management infrastructure and de-risk software vulnerabilities to better protect our customers.

We seek someone who is passionate about leveraging automation to enhance efficiency is enthusiastic about working with infrastructure-as-code and has a wealth of experience collaborating with teams to reduce software vulnerabilities. Your contributions will be critical to shaping our overall security and compliance strategy. At Samsara we value working backwards from winning as an operating principle. Your ability to define success and work with cross-functional stakeholders by working backwards to reach that success is pivotal. 

You should apply if:

• You want to impact the industries that run our world: Your efforts will result in real-world impact—helping to keep the lights on get food into grocery stores reduce emissions and most importantly ensure workers return home safely.
• You are the architect of your own career: If you put in the work this role won’t be your last at Samsara. We set up our employees for success and have built a culture that encourages rapid career development and countless opportunities to experiment and master your craft in a hyper-growth environment.
• You’re energized by our opportunity: The vision we have to digitize large sectors of the global economy requires your full focus and best efforts to bring forth creative ambitious ideas for our customers.
• You want to be with the best: At Samsara we win together celebrate together and support each other. You will be surrounded by a high-caliber team that will encourage you to do your best. 

In this role you will: 

• Lead and own ongoing operation and maintenance of Samsara’s vulnerability management program ensuring consistent execution of processes.
• Assist in managing vulnerability scanning tools and help refine detection capabilities to improve accuracy and reduce false positives.
• Work closely with the Vulnerability Technical Program Manager to generate and distribute monthly and quarterly compliance reports.
• Collaborate with engineering teams to track and support the remediation of identified vulnerabilities providing guidance on best practices.
• Assist in analyzing and triaging vulnerabilities escalating critical issues to senior security engineers or Security Operations as needed.
• Participate in security incident investigations related to high-profile vulnerabilities helping gather data and assess potential impact on Samsara infrastructure.
• Contribute to documentation and process improvements to streamline vulnerability management workflows.
• Champion Samsara’s cultural principles (Focus on Customer Success Build for the Long Term Adopt a Growth Mindset Be Inclusive Win as a Team) in daily work.
• Be regularly on call to support

Minimum requirements for the role:

• 6+ years of relevant experience with demonstrated impact for security engineering and vulnerability management in an enterprise environment. 
• Significant experience with vulnerability management tooling in particular modern toolsets such as Wiz or Semgrep.
• Deep subject matter expertise with security engineering best practices for subjects such as CVSS EPSS. 
• Strong familiarity with common security vulnerabilities and the ability to judge their severity and impact on the business.
• Excellent development background with experience in Python or GoLang.
• Strong DevOps DevSecOps or SRE background with experience in AWS cloud services and Terraform
• Experience using security automation platforms such as Tines and serverless frameworks such as AWS Lambda.
• Deep understanding of Static Application Security Testing (SAST) Dynamic Application Security Testing (DAST) or Software Composition Analysis (SCA) 

An ideal candidate also has:

• Practical experience managing vulnerabilities within a FedRAMP-certified environment.
• Experience integrating vulnerability management into modern CI/CD pipelines with a “shift-left” mentality.

What We Do

Samsara (NYSE: IOT) is the pioneer of the Connected Operations® Platform which is an open platform that connects the people devices and systems of some of the world’s most complex operations allowing them to develop actionable insights and improve their operations. With tens of thousands of customers across North America and Europe Samsara is a proud technology partner to the people who keep our global economy running including the world’s leading organizations across industries in transportation construction wholesale and retail trade field services logistics manufacturing utilities and energy government healthcare and education food and beverage and others. The company's mission is to increase the safety efficiency and sustainability of the operations that power the global economy.

Why Work With Us

Do the most meaningful work of your career—saving lives keeping communities running and transforming the industries that power the global economy. At Samsara we build AI-powered technology for the people who keep the world running—making essential work safer smarter and more sustainable.

Gallery