Senior Application Security Engineer [Remote - UK]

Confluent is pioneering a fundamentally new category of data infrastructure focused on data in motion. Have you ever found a new favourite series on Netflix, picked up groceries curbside at Walmart, or paid for something using Square? That’s the power of data in motion in action—giving organisations instant access to the massive amounts of data that is constantly flowing throughout their business. At Confluent, we’re building the foundational platform for this new paradigm of data infrastructure. Our cloud-native offering is designed to be the intelligent connective tissue enabling real-time data, from multiple sources, to constantly stream across the organisation. With Confluent, organisations can create a central nervous system to innovate and win in a digital-first world.
We’re looking for self-motivated team members who crave a challenge and feel energised to roll up their sleeves and help realise Confluent’s enormous potential. Chart your own path and take healthy risks as we solve big problems together. We value having diverse teams and want you to grow as we grow—whether you’re just starting out in your career or managing a large team, you’ll be amazed at the magnitude of your impact.
About the Role
As an application security engineer at Confluent, you will join a team of security architects and engineers responsible for defining and executing on the security strategy of our product for both on-prem and Cloud. You will ensure that security is embedded in how we build our products from design and development to testing to how we run them in the cloud, and partner with product and engineering teams  to strategically guard against existing or emerging threats.
This position is responsible for cultivating a culture of security awareness across Engineering, Product, and the rest of the organisation. The ideal candidate has deep technical security knowledge and expertise and will help define and implement robust security architecture strategies, frameworks and governance processes.

What You Will Do:

• Drive and influence software security across the organisation by partnering with key stakeholders throughout Confluent
• Propose, design, build and deploy security solutions, frameworks, automation and orchestration to secure cloud applications
• Identify opportunities for implementing additional technology controls to build more visibility or defend key points of attack
• Perform product security reviews and provide critical security guidance to engineers and product managers
• Enhance our security automation, leveraging or building software security tooling to help scale
• Drive the development of an effective product security governance program that ensures strategic alignment of product security and broader corporate and business unit objectives
• Develop and drive security-related communication, training and awareness programs across the organisation

What You Will Bring:

• Strong security engineering fundamentals background, especially in the fields of product and cloud security
• The knowledge, experience and perspective necessary to own outcomes, influence stakeholders, and provide effective leadership when it comes to keeping our customers and our product safe
• Ability to own and oversee numerous initiatives, while working collaboratively with a variety of stakeholders,  and adjust priorities upon evolving business needs
• A data-driven, decision-making mindset

What We're Looking For:

• 7+ years of experience in Software Development, specialising in Application Security
• Security Engineering experience within a SaaS company & Large Scale Systems
• Experience performing full-stack security design reviews and writing extensive threat models for complex engineering projects
• Recent experience executing time-boxed Penetration testing or implementation reviews
• Basic coding or scripting experience (Python/Java/Go) to assist with Automation
• Decision-maker with the ability to operate with freedom and autonomy

What Gives You an Edge:

• Experience establishing SAST/DAST tools
• Deep technical security knowledge in Kubernetes
• Participated in reinforcing CICD environment & pipelines
• Experience working with distributed teams and other cross-functional stakeholders
• Experience in leading security decision-making and working to solve complex engineering problems

Whilst Confluent values remote-first working, we are unable to consider candidates who aren't currently living in the United Kingdom or relocating to the UK for this role. It's an exciting time and we are rapidly expanding, so check out our careers page for opportunities available within your location and apply today!

#LI-TE1#LI-Remote
Come As You Are
At Confluent, equality is a core tenet of our culture. We are committed to building an inclusive global team that represents a variety of backgrounds, perspectives, beliefs, and experiences. The more diverse we are, the richer our community and the broader our impact.
Click here to review our California Candidate Privacy Notice, which describes how and when Confluent, Inc., and its group companies, collects, uses, and shares certain personal information of California job applicants and prospective employees.
#LI-Remote