Staff Security Engineer II
Confluent1 months ago
Location
IN Remote India
Type
Full Time
Level
Staff
Role
Security Engineer
Posted
Feb 9, 2026
Full TimeStaff
The role
Summary
Staff Application Security Engineer II at Confluent, responsible for shaping application security strategy across distributed systems and cloud platforms. The role involves defining security architecture, leading automation initiatives, and partnering with Engineering and Product teams to embed secure-by-design practices. Requires 10-12 years of application security experience with expertise in cloud-native platforms, security automation, and programming languages like Go, Python, or Java.
What you'll do
Security Architecture Leadership: Partner with Engineering, Product, and Platform teams to identify security risks early and influence architectural decisions across distributed systems
Threat Modeling and Design Standards: Define and standardize threat modeling frameworks and security design standards for complex, distributed systems
Security Implementation Reviews: Serve as subject matter expert for product security implementation reviews, overseeing security code reviews and API security testing
Security Automation Architecture: Architect and drive roadmap for security automation, building scalable software security tooling to transform product security operations
Cloud-Native Security Integration: Design and lead deployment of automation frameworks that integrate security into cloud-native deployment pipelines
Vulnerability Research and Prevention: Proactively identify new vulnerability classes, lead research initiatives and orchestrate table-top exercises
Advanced Security Controls: Strategically identify and deploy advanced technology controls to maximize observability and harden attack surfaces
Cross-Functional Security Leadership: Build and sustain strong security culture across Engineering, Product, and broader organization through technical guidance and mentorship
What we look for
Technical
Application Security Expertise10-12 years of hands-on Application Security experience with measurable security improvements across large-scale distributed systems
Modern Web Application SecurityComprehensive knowledge of security fundamentals for modern web applications and cloud-native platforms
Secure Software DevelopmentProven experience evolving SDLC to embed security by default, including CI/CD pipeline security and automated guardrails
Programming ProficiencyExperience in Go, Python, or Java with ability to design and build scalable security automation frameworks
AI/ML Security IntegrationPassion for applying AI and LLMs to automate complex security workflows and improve security outcomes
Incident Response LeadershipAbility to lead technical investigation and response to application security incidents while driving preventive improvements
Education
Bachelor's DegreeComputer Science, Information Security, or related technical field preferred
Security CertificationsCISSP, CSSLP, CEH, or equivalent security certifications preferred
Experience
Leadership ExperienceExperience leading cross-functional initiatives in distributed environments and translating security requirements into technical roadmaps
Architecture PartnershipAbility to partner as trusted peer with Engineering and Product leadership to embed security into core architecture
Data-Driven Decision MakingExperience balancing security requirements with business velocity and engineering trade-offs to deliver measurable outcomes
Technical MentorshipProven ability to raise organizational security standards through architectural reviews and development of engineers across all levels
Skills
Required skills
Application Security10-12 years of hands-on experience in application security for large-scale distributed systems
Security ArchitectureExpertise in secure software design, architecture, and common vulnerability classes
Programming LanguagesProficiency in Go, Python, or Java for security automation framework development
Cloud-Native SecurityExperience securing CI/CD pipelines, build systems, and cloud-native deployment workflows
Threat ModelingAdvanced skills in threat modeling frameworks and security design standards
Security AutomationAbility to architect and build scalable security automation and orchestration frameworks
Nice to have
AI/ML IntegrationExperience applying AI and LLMs to automate security workflows and reduce manual processes
Incident ResponseLeadership experience in technical investigation and response to application security incidents
Cross-Functional LeadershipProven ability to lead initiatives across distributed engineering organizations
Security CertificationsCISSP, CSSLP, CEH, or equivalent industry security certifications
Vulnerability ResearchExperience in proactive vulnerability research and emerging threat landscape analysis
Compensation & benefits
Benefits
Equal Opportunity Workplace
Employment decisions based on job-related criteria without regard to protected classifications
Inclusive Culture
Belonging-focused environment that values diverse perspectives and backgrounds
Global Remote Work
Work across time zones with flexible remote arrangements
Professional Growth
Opportunities to lead, grow, and challenge what's possible in data streaming technology
Interview process
- 1Initial Screening — Phone or video call with HR/Recruiting to discuss background, experience, and role alignment
- 2Technical Security Assessment — Deep dive into application security experience, threat modeling, and security architecture design
- 3System Design and Architecture — Security-focused system design interview covering distributed systems and cloud-native security
- 4Leadership and Collaboration — Behavioral interview assessing cross-functional leadership and ability to influence engineering teams
- 5Security Automation and Tools — Technical discussion on security automation, tooling development, and DevSecOps practices
- 6Final Panel Interview — Meeting with security leadership and engineering stakeholders to assess cultural fit and strategic thinking
Apply for this position
You'll be redirected to the company's application page
More Jobs at Confluent
35 other open positions
Software Engineer
MidGB Remote United KingdomRemote
Senior Software Engineer II - Kafka Client
SeniorIN Remote India
Software Engineer- Cloud Traffic
JuniorCA Office Toronto
Engineering Manager - CC UI Apps (Kafka, Governance, and Tableflow)
ManagerRemote, Ontario, CanadaRemote
Senior Software Engineer II
SeniorRemote, Ontario, CanadaRemote
Confluent
View all jobs
Confluent is an American data streaming platform company based on Apache Kafka.
Mountain View, California, United StatesFounded 2014confluent.io
Tech Stack
Languages
GoPythonJava
Frameworks
Apache KafkaCloud-native frameworksCI/CD Pipeline frameworks
Databases
Distributed databasesNoSQL databases
Tools
Security automation toolsThreat modeling toolsVulnerability management platformsAPI security testing tools
Other
Cloud platformsAI/ML platformsObservability platforms
Interview Guides
14 guides available for Confluent
Apply Now