We’re not just building better tech. We’re rewriting how data moves and what the world can do with it. With Confluent, data doesn’t sit still. Our platform puts information in motion, streaming in near real-time so companies can react faster, build smarter, and deliver experiences as dynamic as the world around them.

It takes a certain kind of person to join this team. Those who ask hard questions, give honest feedback, and show up for each other. No egos, no solo acts. Just smart, curious humans pushing toward something bigger, together.

One Confluent. One Team. One Data Streaming Platform.

As an application security engineer at Confluent, you will join a team of security architects and engineers responsible for defining and executing on the security strategy of our product for both on-prem offerings and Cloud services. You will ensure that security is embedded in how we build our products from design and development to testing to how we run them in the cloud, and partner with product and engineering teams to strategically guard against existing or emerging threats.

This position is also responsible for cultivating a culture of security awareness across Eng, Product, and the rest of the organization. You will also be responsible for helping build software automation that supports various security operations. The ideal candidate has deep technical security knowledge and software development expertise that will help define and implement robust security architecture strategies, manage and eradicate systemic classes of security issues and vulnerabilities at scale.

• Drive and influence software security across the organization by partnering with key stakeholders throughout Confluent

• Keep up to date with emerging security vulnerability classes, research and perform triage for relevance by performing table top exercises where necessary

• Perform security threat modeling and design reviews for providing early secure design guidance to engineers and product managers

• Perform product security feature specific implementation reviews (or penetration testing whole applications where applicable), API security testing and code reviews to identify vulnerabilities and provide critical security guidance to engineers

• Enhance our security automation, leveraging or building software security tooling to help scale product security operations and support overall vulnerability management practices

• Propose, design, build, and deploy security solutions, frameworks, automation, and orchestration to secure cloud applications

• Identify opportunities for implementing additional technology controls to build more visibility or defend key points of attack

• A data-driven, decision-making mindset

• 4+ years of relevant application security industry experience

• Strong knowledge of security fundamentals, especially as they relate to the fields of Web Application Security and Cloud Security primitives

• Experience working with common software development stacks and CI/CD systems

• Experience reading and writing code for software automation and security test cases (preferably in GoLang, Python, Java)

• Experience working with distributed teams and other cross-functional stakeholders

• The knowledge, experience, and perspective necessary to own outcomes, influence stakeholders, and provide effective leadership when it comes to keeping our customers and our product safe

• Decision-maker with the ability to operate with freedom and autonomy

• Ability to own and oversee numerous initiatives, while working collaboratively with a variety of stakeholders, and adjust priorities upon evolving business needs

Come As You Are

Belonging isn’t a perk here. It’s the baseline. We work across time zones and backgrounds, knowing the best ideas come from different perspectives. And we make space for everyone to lead, grow, and challenge what’s possible.

We’re proud to be an equal opportunity workplace. Employment decisions are based on job-related criteria, without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, veteran status, or any other classification protected by law.