Staff Application Security Engineer

About the Role: As a Staff Security Engineer at Ivanti, you play a crucial role in safeguarding our products and users against evolving threats. Your work ensures trust and resilience in our technology, helping organizations worldwide operate securely and innovate with confidence. You will manage the integration of security best practices throughout all phases of the software development lifecycle, ensuring robust protection of Ivanti's products, services, and IT assets.

What You'll Do

• Build innovative and scalable security tools, processes, and solutions to proactively detect, remediate, and mitigate vulnerabilities across large and complex codebases.
• Design secure architectures, perform comprehensive threat modeling, and lead penetration testing and code reviews on both web and mobile applications.
• Partner with development, operations, and architecture teams to deeply embed security into DevOps practices and foster a culture of continuous security awareness.
• Lead security education initiatives by delivering clear, actionable training and documentation to cross-functional teams.
• Collaborate with global product and engineering teams, business leaders, and third-party security vendors to interpret vulnerability reports and coordinate effective security solutions and disclosure programs.
• Advise stakeholders on prioritizing vulnerabilities, implementing secure coding standards, and adopting industry-leading security protocols.

What You Will Bring

• Over 8 years of experience in web application security, with deep technical knowledge of both common and advanced security vulnerabilities, exploitation techniques, and practical remediation strategies.
• Proven expertise in applied cryptography, threat modeling, vulnerability assessment (including CVSS scoring and penetration testing), as well as secure software development practices across SSDLC and CI/CD pipelines.
• Experience implementing and maintaining security tools and processes for large-scale codebases (such as SAST, SCA, DAST, container scanning), and providing secure coding education to developers.
• Strong programming skills (preferably in Python), with the ability to explain complex security topics clearly to diverse technical and non-technical stakeholders.
• Demonstrated ability to work cross-functionally in collaborative environments, contributing to responsible disclosure, bug bounty, and vulnerability management programs.

Why Ivanti?

• Remote-friendly, flexible schedules to empower excellence in every setting.
• Competitive compensation & total rewards, including health, wellness, and financial plans tailored for you and your family.
• Global, diverse teams: Collaborate with talented people from 23+ countries.
• Learning & development: Grow your skills with access to best-in-class learning tools and programs.