Sr. Security Engineer
Momentive Software
Job Description
Key Responsibilities
SSDLC & Security Governance
Define, implement, and continuously improve Secure SDLC frameworks aligned with industry standards (OWASP, NIST, ISO 27001, CIS).
Establish security policies, coding standards, and security checkpoints across all SDLC phases.
Act as the security SME for development, DevOps, and architecture teams.
Application Security
Perform advanced threat modeling (STRIDE, PASTA) and security architecture reviews.
Conduct and oversee secure code reviews (manual and automated).
Lead application security testing activities including SAST, DAST, IAST, SCA, and penetration testing.
Identify, assess, and prioritize vulnerabilities and drive remediation with engineering teams.
DevSecOps & Automation
Integrate security tools into CI/CD pipelines (GitHub, GitLab, Jenkins, Azure DevOps, etc.).
Automate security testing, policy enforcement, and compliance reporting.
Define security gates and risk-based release criteria.
Risk Management & Compliance
Perform security risk assessments and support audits and compliance initiatives.
Map SSDLC practices to regulatory and compliance requirements.
Track security metrics, KPIs, and KRIs to demonstrate program effectiveness.
Leadership & Mentoring
Mentor developers and security engineers on secure coding and SSDLC best practices.
Conduct secure coding training and awareness sessions.
Influence stakeholders and leadership on security strategy and risk posture.
Required Skills & Qualifications
Technical Skills
Strong hands-on experience with Secure SDLC and application security.
Deep knowledge of OWASP Top 10, ASVS, MASVS, and API Security.
Expertise in threat modeling and secure architecture design.
Experience with SAST/DAST/IAST/SCA tools (e.g., Fortify, Checkmarx, Veracode, SonarQube, Burp, Snyk).
Strong understanding of CI/CD and DevSecOps practices.
Proficiency in at least one programming language (Java, .NET, Python, JavaScript, etc.).
Experience securing cloud-native applications (AWS, Azure, GCP).
Soft Skills
Strong leadership and stakeholder management skills.
Excellent communication and documentation abilities.
Ability to balance security risk with business priorities.
Preferred Qualifications
Security certifications such as CISSP, CSSLP, CISM, OSCP, CEH.
Experience in large-scale enterprise or regulated environments.
Experience defining enterprise-wide security standards and roadmaps.
About Us
Momentive Software amplifies the impact of over 20,000 purpose-driven organizations in over 30 countries, with over $11 billion raised and 55 million members served to date. Mission-driven nonprofits and associations rely on Momentive’s cloud-based software and services to address their most pressing challenges – from engaging their communities to simplifying operations and growing revenue. Designed to help organizations connect more, manage more, and ultimately expect more, Momentive's solutions are built with reliability at the core and strategically focus on fundraising, learning, events, careers, volunteering, accounting, and association management. Momentive partners with organizations that believe "good enough" is never enough – so they can bring on better outcomes for everyone they serve. Learn more at momentivesoftware.com.
Why Work Here?
At Momentive Software, we’re a team of passionate problem-solvers, innovators, and volunteers who believe in using technology to make a real difference. We dream big, support each other, and take pride in creating solutions that help our customers drive meaningful change. If you’re looking for a place where your work matters and your ideas are valued, you’ll find it here.
Planned Paid Time Off - Earned Leave and Casual Leave in Each Calendar Year
Company Holidays as Per Policy
Employer-Paid Parental Leave
Purpose-Driven Culture
Work-Life Balance
Passionate About Community Involvement
Group Mediclaim Policy
Group Accident Policy
Group Term Life Policy
Gratuity as Per Payment of Gratuity Act
Momentive Software actively embraces diversity and equal opportunity in a meaningful way. We are committed to building a team that represents a variety of backgrounds, perspectives, and skills. The more inclusive we are, the better our work will be, which is why we do not discriminate based on race, color, religion, marital status, age, national origin, ancestry, physical or mental disability, medical condition, pregnancy, genetic information, gender, sexual orientation, gender identity or expression, veteran status, or any other status protected under federal, state, or local law.
All persons hired will be required to verify identity, minimum age of 18, eligibility to work in India (without sponsorship), and to complete the required employment eligibility verification form upon hire.