Staff Security Engineer

About Outreach Outreach, founded in 2014, is the only complete agentic AI platform for revenue teams. Outreach infuses agentic AI, conversation intelligence, and assistive AI to power hundreds of use cases across revenue motions. From new logo prospecting to expansions, deal acceleration, driving retention, and forecasting, Outreach AI automates workflows and frees sellers to focus on more strategic conversations and actions. Revenue leaders benefit from connected account visibility, performance insights, and higher forecasting accuracy across every GTM team. World leading enterprise organizations use Outreach to power their revenue teams, including Databricks, SAP, Siemens, and Verizon to name a few.  Staff Security Engineer  Do you have a passion for securing cloud native environments? Are you excited by the opportunity to define industry leading standards and patterns? Would you like to work with a world class engineering team to train, mentor, and grow a security minded development culture? Outreach is looking for a Staff Security Engineer to partner with product engineering teams to drive secure product design, perform application security reviews, and help shape the future of our cloud native, continuous deployment application security program.  The ideal candidate brings strong application security engineering skills, a background in software development or engineering, and deep knowledge of application security vulnerabilities and mitigations. This role is centered on building secure systems and improving secure development practices, not on offensive security testing alone. It emphasizes researching emerging threats and effective mitigations, then applying those insights across our services and Secure Development Lifecycle. The right candidate enjoys engaging with customers, takes ownership of improving security processes and technical controls across engineering teams, and contributes to the development of product security features.  From day one, you will partner with product managers and engineers across the organization and, at times, work directly with customers. You will help train and support PMs and engineers in designing and implementing secure development practices within our CI/CD pipelines to reduce vulnerabilities in production code. You will create technical training and security awareness content, contribute to secure coding standards, and produce position papers and technical specifications that guide security mitigations and product feature development.  The primary focus areas for this position are:  Technical Fluency – A passion for security and technology, familiarity with DevOps methodology and containers, SaaS and cloud security solutions and standards, and microservice architectures.  Advisory Skills – Providing direction, advice and support that helps grow the technical and collaboration skills of the individuals and teams you work with.  Execution – Planning, coordination, managing dependencies and risks, and diving deep when issues arise. Ability to work with people and drive a program to completion is a must.       

Responsibilities: 

● Conduct threat models and train engineers on threat modeling techniques and other standard evaluation practices to identify and prioritize risks of potential vulnerabilities and define possible mitigations. 

● Develop, document and maintain the security standards and design patterns used by engineers to deliver consistent, secure code and features. 

● Research the threat landscape, regulatory considerations, and customer requirements relevant to Outreach’s business, and recommend solutions to address known and potential threats by defining and applying appropriate security requirements. 

● Experience using Wiz, Snyk, or similar tools to identify and manage vulnerable dependencies, with strong knowledge of SCA and SAST tools and their integration into the software development lifecycle. 

 ● Ensure strong cross-company collaboration by fostering a close partnership between security and engineering teams with the goal of increasing customer trust in Outreach and its products. 

 

 

Qualifications: 

● A minimum of 3 years experience as a senior or principal application security engineer or architect. 

 ● Deep experience in application security programs, including threat modeling, secure coding best practices, identifying vulnerabilities and secrets in code, and coordinating remediations in a cloud-native SaaS environment. 

 ● Familiarity with modern application security issues and mitigation techniques is essential. 

 ● Experience creating reference architectures, engineering specs, and data flow diagrams. Experience with customer-facing content is a plus. 

 ● Experience performing code reviews to identify security vulnerabilities. 

 ● Proven success working with engineers and technologies in cloud-native, DevOps environments (including CI/CD pipelines, microservices, and infrastructure as code). 

 ● Strong track record of partnering and collaborating with engineers and producing formal documentation to communicate program effectiveness to leadership. 

 ● Experience evaluating and implementing third-party tools and services to support an effective SDL program. 

 ● Experience mentoring and training others in application security principles and practices. 

 ● Excellent interpersonal and management skills. 

 ● Strong written and verbal communication skills. Experience working with customers or customer-facing teams is a plus. 

 ● Ability to work independently and flexibly to succeed within Outreach’s dynamic culture. 

Why You’ll Love It Here ● Highly competitive salary ● 25 days annual vacation time + sick time and casual leave ● Group medical policy coverage available to employees and up to 5 eligible family members ● OPD benefit covered up to INR 10,000 ● Life insurance and personal accident insurance at 3x annual CTC ● 26 weeks of maternity leave pay, and 15 days of paternity leave pay ● Opportunity to be part of company success via the RSU program ● Diversity and inclusion programs that promote employee resource groups like OWN+ (Outreach Women's Network), Adelante (Latinx community), OBX (Outreach Black Connection), Mosaic (AAPI community), Pride (LGBTQIA+), Gender+, Disability Community, and Veterans/Military  ● Employee referral bonuses to encourage the addition of great new people to the team ● Fun company and team outings because we play just as hard as we work Outreach is an equal opportunity employer. All applicants will be considered for employment without attention to race, color, religion, sex, sexual orientation, gender identity, national origin, veteran or disability status. Our success is reliant on building teams that include people from different backgrounds and experiences who can elevate assumptions and ideas with fresh perspectives. We're dedicated to hiring the whole human, not just a resume. To that end, we look for a diverse pool of applicants-including those from historically marginalized groups. We would like to invite you to apply even if you don't think you meet all of the requirements listed below. We don't want a few lines in a job description to get between us and the opportunity to meet you.