Senior Product Security Offensive Engineer

We offer a flexible working policy that supports the health and well-being of our iManage employees. As an organization, we value collaborating and learning from our peers in person, while providing the necessary flexibility for our employees to have a meaningful work-life balance. Please reach out to learn more.

Being a Senior Product Security Offensive Engineer at iManage Means...
You will join this team of security engineers that will guide the global engineering teams on security considerations as well as assess and improve product security at iManage. We operate on a Zero-Trust approach, so you will play an integral role in the continued maintenance and maturity of our Zero-Trust architecture. Our focus is to ensure that our engineers ship and maintain secure code and infrastructure, and we want your help to do it. You are passionate about technology and willing to work with many industry security perspectives including threat modeling, architecture review, dynamic code review, static code reviews, cloud assessments, data security assessments, runtime/event security and penetration testing. You have a focus on offensive security activities to discover weakness in all tiers of iManage products and technology.

Here is what one of our leaders, Enterprise Product Security Sr. Director (Jeff LaFrate), has to say about the role: "You will work on our product security team supporting continual improvement while leveraging a wide range of industry best practices. You will work both independently and collaboratively with a global team of engineers to deliver quality, hardened, industry leading enterprise solutions. Your contributions will be noticed, impactful and rewarding."

iM Responsible For…

• Conducting high quality product penetration tests independently, or as part of a team.
• Fostering collaboration with engineers and leadership to understand actual risk, remediation priority and remediation expectations.
• Evangelizing security best practices with effective verbal and written communication skills.
• Striving to consistently learn and improve as well as sharing knowledge with colleagues.

iM Qualified Because I Have…

• A bachelor's degree or higher in computer science or related field.
• 5+ years of relevant work experience.
• Proven experience with assessing risk and providing remediation guidance for weaknesses detected using manual penetration testing plus one or more of the following perspectives:
• SAST, SCA, DAST, host/container security, IaC, platform security, cloud configuration, network security, data security, API security, AI security/LLMs and CI/CD process
• Knowledge of best practices, metrics and mechanisms to improve security testing methodologies.
• Proven experience and understanding of multi-tier web application architecture patterns.
• Experience with software development practices, tooling and technologies.
• Curiosity and a desire to improve customer experience, reduce risk, improve methods and prepare for new threats.
• Ability and desire to communicate with colleagues to strategize and implement continual improvement through industry best practices, threat modeling and vulnerability triage.
• In-depth understanding of "OWASP Top 10" risks like injection, XSS, CSRF, etc.
• Understanding of data classification and data security control implementations.
• Experience with common cloud security controls and best practices.

Don't meet every qualification listed above? Studies show that women and people of color are less likely to apply to jobs unless they meet all qualifications. At iManage, we are committed to building a diverse and inclusive environment, and encourage everyone to show up as their full authentic selves. We welcome those that come with a growth mindset and a hunger for learning; so, if you are excited about this role but your past experience doesn't align perfectly with every qualification we encourage you to apply anyways

iM Getting To…

• Join a rapidly evolving, industry-leading SaaS company on an exciting journey of growth and scalability 
• Take on meaningful, high-impact challenges by leveraging cutting-edge technologies and best-in-class protocols to drive innovation. 
• Own my career path with our internal development framework. Ask us more about this 
• Expand my skill set and earn certifications with unlimited access to LinkedIn Learning courses and interactive Microsoft courses & training. 
• Be part of a supportive and experienced team within a dynamic, inclusive, and encouraging culture. 
• Enjoy flexible work hours that empower me to balance personal time with professional commitments. 
• Collaborate in a modern, open-plan workspace featuring a gaming area, free snacks and drinks, and regular social events. 

iManage Is Supporting Me By...

• Providing a market competitive salary that is applied through a consistent process, equitable for all our employees, and regularly reviewed based on industry data.
• Creating an inclusive environment where I can help shape the culture not just by fitting in, but by adding to it.
• Rewarding me with an annual performance-based bonus.
• Providing enhanced parental leave (20 weeks for primary and 10 weeks for secondary caregiver at 100% pay)
• Offering comprehensive Health/Accidental /Life Insurance.
• Encouraging me to take time off for myself with 21 paid leaves, 9 casual and sick, multiple all company wellness days, close to 10-12 Indian Holidays, and for other life events.

iManage is committed to providing an excellent candidate experience and will never ask you to engage in recruitment activity via text and exclusively communicates from emails using the domain. If you have any concerns or questions about communications you have received, please send them to so our team members can review.

About iManage...
 

At iManage, we are dedicated to Making Knowledge Work. Our intelligent, cloud-enabled, and secure platform is trusted by 4,100+ customers and 430,000 users worldwide, managing over 11 billion documents and 11 petabytes of data. We empower professionals across 65+ countries to unlock the full potential of their business content and communications. 

We are continuously innovating to solve the most complex professional challenges and enable better business outcomes; Our work is not always easy but it is ambitious and rewarding.
So we're looking for people who embrace challenges. People who thrive on solving problems, pushing boundaries, and collaborating with the industry's best and brightest. That's the iManage way. It's how we turn the impossible into reality, empower our employees to grow, unlock their potential, and create a meaningful impact on everything we do. 

Whoever you are, whatever you do, however you work. Make it mean something at iManage.

iManage provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by the Law.

This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.

Learn more at:

Please see our recruitment privacy statement for more information on how we handle your personal data.
 
#LI-SR1
#LI-Hybrid

---