Application Security Engineer

Trellix, Inc.

Job Overview

Location

Remote India

Job Type

Full-time

Full Job Description

📋 Description

• As an Application Security Engineer at Trellix, you will play a critical role in safeguarding the company’s multi-cloud and on-premise environments by bridging the gap between security findings and engineering solutions, ensuring that vulnerabilities are not just identified but rapidly remediated through collaboration and automation.
• You will own the full vulnerability management lifecycle—from discovery and risk prioritization to coordinating remediation with development teams—while championing secure engineering practices across Trellix’s platforms and services.
• Day to day, you will lead dynamic application security testing efforts, including managing automated DAST scans, conducting targeted penetration tests, and triaging Bug Bounty submissions to validate and prioritize real-world risks.
• You will partner closely with DevOps and CloudOps teams to embed security into infrastructure-as-code (IaC) using tools like Terraform and CloudFormation, ensuring containerized deployments are secure by design and resilient against emerging threats.
• You will write and maintain automation scripts in Python, Bash, or PowerShell to streamline security workflows, correlate data from SAST, DAST, and SCA tools, and eliminate manual ticketing overhead through intelligent auto-ticketing and remediation orchestration.
• As a technical Subject Matter Expert (SME), you will guide developers in fixing code vulnerabilities, managing secrets effectively, securing open-source dependencies via Black Duck or similar SCA tools, and resolving license compliance issues to reduce supply chain risk.
• You will oversee the implementation and optimization of secrets management solutions to eliminate hardcoded credentials across applications and pipelines, significantly reducing credential exposure risks.
• Trellix is a global cybersecurity leader redefining the future of threat protection through an open, native platform powered by AI, automation, and analytics, serving over 50,000 business and government customers worldwide with responsibly architected security solutions.
• The Information Security team at Trellix fosters a collaborative, innovation-driven culture where security is viewed as an enabler of business agility, and engineers are empowered to build secure systems without sacrificing velocity.
• In this role, you will deepen your expertise in modern application security practices, cloud-native security, DevSecOps integration, and automation at scale—positioning yourself as a trusted advisor and technical leader in enterprise security.
• You will have the opportunity to influence Trellix’s security posture at a strategic level, contribute to industry-leading security products, and grow your impact through mentorship, cross-functional leadership, and exposure to cutting-edge threats and defenses.

🎯 Requirements

• Proven experience in Application Security, Vulnerability Management, or a related security engineering role with hands-on experience in SAST, DAST, SCA, and penetration testing methodologies.
• Strong scripting proficiency in Python, Bash, or PowerShell to automate security workflows, correlate tool outputs, and reduce manual toil in vulnerability remediation processes.
• Solid understanding of modern cloud architectures (AWS, Azure, GCP), containerization (Docker, Kubernetes), and infrastructure-as-code (Terraform, CloudFormation) to secure cloud-native environments effectively.
• Familiarity with OWASP Top 10, secure coding practices, secrets management tools, and open-source security tools like Black Duck or Snyk to identify and remediate third-party risks.
• Excellent communication and collaboration skills, with the ability to translate complex security risks into clear, actionable guidance for developers and infrastructure teams.
• Passion for automation and continuous improvement, with a track record of building tools or processes that enhance security efficiency and scalability.

🏖️ Benefits

• Comprehensive medical, dental, and vision coverage to support your health and well-being.
• Generous paid time off and paid parental leave policies designed to promote work-life balance and family support.
• Retirement plans to help you save for the future with company-supported investment options.
• Support for community involvement and volunteer initiatives, encouraging employees to give back and engage with causes they care about.
• A strong commitment to diversity, equity, inclusion, and belonging, with policies prohibiting discrimination and harassment based on any legally protected characteristic.
• Flexible remote work arrangement (based in India) enabling you to work from anywhere while contributing to a global cybersecurity mission.

Skills & Technologies

Python

Terraform

Remote

Ready to Apply?

Apply Externally

You will be redirected to an external site to apply.

Trellix, Inc.

Visit Website

About Trellix, Inc.

Trellix is a global cybersecurity company that provides a comprehensive security fabric. It offers a broad portfolio of products and services designed to protect businesses from a wide range of cyber threats. Trellix's solutions encompass endpoint security, network security, cloud security, and data security, utilizing advanced technologies like artificial intelligence and machine learning. The company focuses on delivering integrated security operations and threat intelligence to help organizations simplify their security posture and enhance their resilience against evolving cyberattacks. Trellix serves a diverse customer base, from small businesses to large enterprises, across various industries.

View Company Profile

Get more remote jobs like this

Subscribe to the weekly newsletter for similar remote roles and curated hiring updates.

Weekly remote jobs and featured talent.

No spam. Only curated remote roles and product updates. You can unsubscribe anytime.