Senior Information Security Engineer

Here at Appian, our core values of Respect, Work to Impact, Ambition, and Constructive Dissent & Resolution define who we are. In short, this means we constantly seek to understand the best for our customers, we go beyond completion in our work, we strive for excellence with intensity, and we embrace candid communication. These values guide our actions and shape our culture every day. When you join Appian, you'll be part of a passionate team that's dedicated to accomplishing hard things.

Role & Responsibility

Appian’s information security team is growing and is seeking a Senior Information Security Engineer to help design, code, build, and support security architecture components for securing Appian’s Cloud and Corporate environments. This person will work as a key contributor and “builder” in a dynamic information security team involving cloud computing technologies and multiple security frameworks.

About the Job:

• Lead/contribute to major projects and initiatives that involve large security tool deployments or engineering efforts.
• Build and code security tooling detections and technology into our existing corporate and customer infrastructures.
• Enhance our security engineering infrastructure and systems that are continuously evaluating the threat-landscape for Appian’s operations and service offerings.
• Work directly with technical teams (e.g. Engineering, Cloud, IT) to design, analyze, and/or recommend secure infrastructure and tooling.
• Work alongside and mentor other junior engineers on the security team.
• Contribute ideas to improve the security posture and detections in our security program.
• Stay knowledgeable around the cutting edge of information security, threats, tools, and technique.

About You:

• 3+ years experience in coding with languages such as Java, Python, Ruby, Go, C, etc.
• 3+ years experience in SaaS, PaaS, IaaS and/or cloud infrastructure development environments (experience with Amazon Web Services is a plus).
• 3+ years experience using various security technologies.
• 2+ years experience with security architecture and design.
• Experience with UNIX or its variants, such as Linux.
• Familiar with networking protocols and technologies - TCP/IP, DNS, SMTP, etc.
• Familiar with common security frameworks such as the Mitre ATT&CK framework and threat hunting concepts to identify IOCs.
• Preferable experience with modern Cloud Native technologies - Kubernetes, Docker, serverless, etc.
• Preferable experience with infrastructure-as-code, security tool development, and automation to secure the cloud with a preference for leveraging/creating open-source security tools.
• Effective communicator of technical designs and vision verbally, visually and/or in writing for small to medium sized technical and non-technical audiences.
• Excellent at problem solving and a talent for identifying creative solutions.