Senior Application Security Engineer

Data is at the core of modern business, yet many teams struggle with its overwhelming volume and complexity. At Atlan, we’re changing that. As the world’s first active metadata platform, we help organisations transform data chaos into clarity and seamless collaboration.

From Fortune 500 leaders to hyper-growth startups, from automotive innovators redefining mobility to healthcare organisations saving lives, and from Wall Street powerhouses to Silicon Valley trailblazers — we empower ambitious teams across industries to unlock the full potential of their data.

Recognised as leaders by Gartner and Forrester and backed by Insight Partners, Atlan is at the forefront of reimagining how humans and data work together. Joining us means becoming part of a movement to shape a future where data drives extraordinary outcomes.

What will you do? 🤔

At Atlan, we're a remote-first company where security is fundamental to everything we do. Our mission is to empower secure software development while protecting customer data and enabling business success.

• Secure the SDLC: Integrate security throughout the software development lifecycle—from design and code to deployment—ensuring security is built-in, not bolted on.

• Secure Code Practices: Conduct secure code reviews, threat modeling sessions, and architecture reviews to identify and remediate vulnerabilities early in the development process.

• Application Security Testing: Implement and maintain SAST, DAST, SCA, and IAST tools to continuously identify vulnerabilities in our applications and dependencies.

• Vulnerability Management: Lead the application vulnerability management program—prioritizing, tracking, and validating remediation of security findings across development teams.

• Compliance Support: Ensure application security controls meet compliance requirements for SOC 2, ISO 27001, GDPR, HIPAA, and other relevant frameworks.

• Incident Response: Investigate application security incidents, coordinate remediation efforts with engineering teams, and conduct post-incident reviews to prevent recurrence.

What makes you a great match for us? 😍

• Developer-First Mindset: You understand that security exists to enable secure innovation. You work collaboratively with developers, speaking their language and providing actionable, context-aware security guidance.

• Application Security Expertise: Deep hands-on experience with application security testing tools (Snyk, Checkmarx, Semgrep, Burp Suite, OWASP ZAP), secure coding practices, and modern application architectures.

• Threat Modeling: Proven ability to perform threat modeling for complex applications, APIs, and cloud-native architectures using frameworks like STRIDE, PASTA, or similar.

• Programming Knowledge: Strong understanding of multiple programming languages (Python, JavaScript/Node.js, Go, Java) and ability to read and review code for security vulnerabilities.

• Cloud-Native Security: Experience securing applications in AWS, GCP, or Azure environments, including container security, serverless architectures, and infrastructure-as-code security.

• Vulnerability Assessment: Hands-on experience identifying, exploiting (ethically), and remediating vulnerabilities such as injection flaws, authentication issues, XXE, SSRF, and business logic flaws.

• CI/CD Security: Experience integrating security testing into CI/CD pipelines and implementing security-as-code practices using tools like GitHub Actions.

• Compliance Knowledge: Understanding of security requirements in frameworks like SOC 2, ISO 27001, PCI DSS, and how they apply to application development.

• Communication Skills: Excellent written and verbal communication skills with the ability to explain complex security issues to both technical and non-technical stakeholders.

• Certifications: Relevant certifications such as OSCP, OSWE, GWAPT, CEH, or CSSLP demonstrating practical application security expertise.

Why Is Atlan for You?

At Atlan, we believe the future belongs to the humans of data. From curing diseases to advancing space exploration, data teams are powering humanity's greatest achievements. Yet, working with data can be chaotic—our mission is to transform that experience. We're reimagining how data teams collaborate by building the home they deserve, enabling them to create winning data cultures and drive meaningful progress.

Joining Atlan means:

1. Ownership from Day One: Whether you're an intern or a full-time teammate, you’ll own impactful projects, chart your growth, and collaborate with some of the best minds in the industry.

2. Limitless Opportunities: At Atlan, your growth has no boundaries. If you’re ready to take initiative, the sky’s the limit.

3. A Global Data Community: We’re deeply embedded in the modern data stack, contributing to open-source projects, sponsoring meet-ups, and empowering team members to grow through conferences and learning opportunities.

As a fast-growing, fully remote company trusted by global leaders like Cisco, Nasdaq, and HubSpot, we’re creating a category-defining platform for data and AI governance. Backed by top investors, we’ve achieved 7X revenue growth in two years and are building a talented team spanning 15+ countries.

If you’re ready to do your life’s best work and help shape the future of data collaboration, join Atlan and become part of a mission to empower the humans of data to achieve more, together.

We are an equal opportunity employer
At Atlan, we’re committed to helping data teams do their lives’ best work. We believe that diversity and authenticity are the cornerstones of innovation, and by embracing varied perspectives and experiences, we can create a workplace where everyone thrives. Atlan is proud to be an equal opportunity employer and does not discriminate based on race, color, religion, national origin, age, disability, sex, gender identity or expression, sexual orientation, marital status, military or veteran status, or any other characteristic protected by law.