Flexera
SaaS
StaffSecurityEngineer
Neural analysis suggests this role is
optimal for Senior candidates.
“Staff Security Engineer at Flexera. Skills: Application Security, Vulnerability Management, Governance & Compliance, Security program execution, SDLC integration, Risk decision making. Own the day-to-day execution of our security programme across Application Security, Vulnerability Management, and Governance & Compliance. Lead threat modelling and security design reviews”
Industry & Context.
Independent, defensible risk decisions; Identifying and flagging risk with proposed mitigations
What They're Looking For.
Must Have
10+ years of experience in security engineering or architecture, Demonstrated ownership of vulnerability management or application security programs (end‑to‑end accountability, not partial contribution), Ability to make independent, defensible risk decisions, written communication skills, including clear work instructions for others, Experience representing security to engineering leadership and external auditors, Hands-on experience with vulnerability scanning tools (Qualys or equivalent), Practical knowledge of integrating security into the SDLC, Working understanding of multiple compliance frameworks across different markets, Proven ability to plan work, delegate clearly, and drive outcomes (not just activity), High autonomy—does not require step‑by‑step direction, Comfortable operating in ambiguity and building structure where none exists
Nice to Have
Familiarity with Prisma Cloud, GitHub Advanced Security, or SBOM tooling, Experience with ISO, EU Cyber Resilience Act (CRA), NIS2, or equivalent product security regulations
What You'll Do.
Own the day-to-day execution of our security programme across Application Security
Vulnerability Management
and Governance & Compliance
Lead threat modelling and security design reviews
Define and enforce security gates within CI/CD pipelines
Conduct code and architecture reviews
Build and maintain developer security guidance
secure coding standards
and SDLC integration practices
Own scanner configuration
and operational management
Triage and prioritise vulnerability findings
Define and enforce remediation SLAs
Maintain vulnerability metrics
and executive-level reporting
Escalate unresolved or high-risk findings
Drive evidence collection and gap closure for ISO 27001
Coordinate with internal and external auditors
Respond to enterprise customer security questionnaires and due diligence requests
Maintain compliance programme tracking against regulatory deadlines
Contribute to security policies and standards
How You'll Work.
Team & Collaboration
Coordinate work across contractors, interns, and engineering teams with clear written assignments and acceptance criteria; Represent security in product and engineering forums; Partner with the Head of Information Security on security roadmap and milestone planning
Communication Scope
Written communication skills; Clear work instructions; Representing security to engineering leadership and external auditors; Clear business impact framing
Process & Methodology
Planning work, Delegating clearly, Driving outcomes, Milestone planning
Full Job Description
Flexera saves customers billions of dollars in wasted technology spend. A pioneer in Hybrid ITAM and FinOps, Flexera provides award-winning, data-oriented SaaS solutions for technology value optimization (TVO), enabling IT, finance, procurement and cloud teams to gain deep insights into cost optimization, compliance and risks for each business service. Flexera One solutions are built on a set of definitive customer, supplier and industry data, powered by our Technology Intelligence Platform, that enables organizations to visualize their Enterprise Technology Blueprint™ in hybrid environments—from on-premises to SaaS to containers to cloud. We’re transforming the software industry. We’re Flexera. With **more than 50,000 customers** across the world, we’re achieving that goal. But we know we can’t do any of that without our team. Ready to help us re-imagine the industry during a time of substantial growth and ambitious plans? Come and see why **we’re consistently recognized by Gartner, Forrester and IDC** as a category leader in the marketplace. Learn more at **flexera.com** **Staff Security Engineer** Information Security · Senior Individual Contributor We are a SaaS and on-premises software company with four decades of product history and a customer base that spans regulated industries globally. We are looking for a Staff Security Engineer who will own the day-to-day execution of our security programme across three domains: Application Security, Vulnerability Management, and Governance & Compliance. This is a senior individual contributor role — you will set the pace, shape the practices, and be the person engineering teams turn to when they need security embedded into how they build. If you are the kind of person who finds building the programme from a mandate more satisfying **Key Responsibilities** **Application Security** * Lead threat modelling and security design reviews across new and existing products * Define and enforce security gates within CI/CD pipeline
Applying for this Staff Security Engineer role?
Most applicants get filtered before a human reads their resume. See if yours makes the cut.
How to Apply on Workday
- Workday has a multi-step form — save your progress after every section.
- "Apply With LinkedIn" can fail or lose data; manual entry is more reliable.
- Watch for the "Submit for Review" final step — hitting "Save" alone does not submit.
- Job requisition numbers are useful when following up with HR by email.
ANONYMOUS · UNFILTERED
What do employees actually say about Flexera?
Real rants from real employees. Read before you apply.