Proofpoint Staff Application Security Engineer in Sunnyvale, California

Staff Application Security Engineer

Location:Sunnyvale, CA


Company Overview

At Proofpoint, we have a passion for protecting people, data, and brands from today’s advanced threats and compliance risks. We are singularly devoted to helping our customers protect what matters most. That’s why we’re a leader in next-generation cybersecurity—and why more than half of the Fortune 100 trust us as a security partner.

The Role

We are lookingto hirean influential and creative Application Security Engineer interested in joining a small, nimble team that has a really big impact.

You will be working within Proofpoint’s Global Information Security team and partnering with our engineering teams to ensure our market-leading products are built with a security mindset from the outset and incorporate the latest security best practices across the entire software development lifecycle. You will also collaborate with other members of the SecOps and Operations teams to build and maintain the infrastructure,libraries / frameworks, tooling, and automation that accelerates team productivity.

Your day-to-day

  • Conduct architectural security reviews with product engineering teams

  • Conduct application security testing and source code reviews for a variety of technologies

  • Conduct security research on the latest best practices, threats, trendsandvulnerabilities affecting the development frameworks used at Proofpoint

  • Document and disseminate security guidelines for common security issues and baselines

  • Develop and deliver application security training that will excite and inspire a “security from the outset” mindset

  • Develop tools to support the application security review process

  • Develop secure frameworks and libraries

What you bring to the team

  • A passion for building secure software products

  • Very strong abilities with a modern scripting language (Python, Ruby)

  • Experience with application programming languages and frameworks (Java, JavaScript, C/C++, Go)

  • Experience with web, cloud, and microservices architectures

  • Experience conducting application security reviews and creating threat models for a complex set of technologies

  • Experience triaging and validating security vulnerabilities

  • Experience identifying and protecting against security vulnerabilities, including those found in the OWASP Top 10 and CWE Top 25.

  • Experience with red teaming and penetration testing

  • Very strong written and verbal communication skills

  • Ability to coach and mentor other engineers on product security

  • BS in Computer Science or relevant security and development experience

Why Proofpoint

As a customer focused and driven-to-win organization withleading edgeproducts, there are many exciting reasons to join the Proofpoint team. We believe in hiring the best the brightest and cultivating a culture of collaboration and appreciation. As we continue to grow and expand globally, we understand that hiring the right people and treating them well is key to our success! We are a multi-national company with locations in 10 countries, with each location contributing to Proofpoint’s amazing culture!


Proofpoint is an equal opportunity employer and welcomes applications from all qualified individuals regardless of race, sex, disability, religion/belief, sexual orientation or age.

Proofpoint does not accept unsolicited resumes from external recruiters or employment agencies. In the absence of a signed Recruitment Services Agreement, Proofpoint will not consider or agree to payment of any recruiter or agency fee. In the event a recruiter or agency submits a resume or candidate without a previously signed agreement, Proofpoint explicitly reserves the right to pursue and hire those candidate(s) without any financial obligation to the recruiter or agency.