As a Lead Application Security Engineer, you will drive security architecture, perform design reviews, and mentor teams while enhancing Coupa's security features and compliance.
Coupa makes margins multiply through its community-generated AI and industry-leading total spend management platform for businesses large and small. Coupa AI is informed by trillions of dollars of direct and indirect spend data across a global network of 10M+ buyers and suppliers. We empower you with the ability to predict, prescribe, and automate smarter, more profitable business decisions to improve operating margins.
Why join Coupa?
🔹 Pioneering Technology: At Coupa, we're at the forefront of innovation, leveraging the latest technology to empower our customers with greater efficiency and visibility in their spend.
🔹 Collaborative Culture: We value collaboration and teamwork, and our culture is driven by transparency, openness, and a shared commitment to excellence.
🔹 Global Impact: Join a company where your work has a global, measurable impact on our clients, the business, and each other.
Learn more on Life at Coupa blog and hear from our employees about their experiences working at Coupa.
The Impact of a Lead Application Security Engineer at Coupa:
We are looking for an extremely talented Lead Application Security Engineer to join our Application Security Team. You will be part of a global agile group that is responsible for building the best-in-class SaaS platform, deployment infrastructure, and services. The position will require a candidate to drive security architecture, perform design and threat modeling reviews, and design, develop, maintain, and scale Coupa’s security features and application security tooling. This role is critical in ensuring the security of our cutting-edge, highly scalable platform, including the review and guidance for new technological domains such as Artificial Intelligence (AI) and Machine Learning (ML) systems.
What You'll Do:
- Expand the application security landscape at Coupa
- Being a hands-on developer is a key responsibility in this role, with strong proficiency in secure coding practices
- Strong software development skills in languages such as Java, .Net, and Python
- Ability to perform code reviews and mentor junior team members
- Passion for building security-focused features that perform at scale
- Track vulnerability reports and contribute security fixes
- Design and implement application changes to meet security compliance requirements
- Lead and execute Security Architecture Reviews, Threat Modeling, and Design Reviews for new and existing platform components to proactively identify and mitigate security risks.
- Conduct Security Reviews for AI/ML models and systems, addressing unique risks associated with data integrity, model poisoning, privacy, and adversarial attacks.
- Evaluate new security technologies and make recommendations to strengthen our application
- Be a champion of Coupa’s Secure Software Development Lifecycle (SSDLC) methodologies, integrating security earlier into the development pipeline.
- Work closely with the Operations Security team to review and define our best practices
What You Will Bring to Coupa:
- Leadership & Experience: 2+ years as a Lead Software Engineer or Lead AppSec Engineer; able to independently drive projects from design through delivery.
- Technical Expertise: Strong in Java, .NET, or Python; experienced building secure web applications/microservices and designing complex, distributed systems.
- Security Architecture & Threat Modeling: Skilled in formal security architecture/design reviews and threat modeling methods (STRIDE, DREAD).
- Security Foundations: Deep knowledge of OWASP Top 10, SANS Top 25, identity and access management (SAML, OIDC, SSO), OAuth flows, and core cryptographic algorithms (DES, RSA, HMAC, SHA, etc.).
- Systems & Development Practices: Familiar with design patterns, scalability, high availability, concurrency, and SQL/NoSQL databases; strong communication, self-motivation, and continuous learning mindset.
- Additional/Preferred Skills: Background in AI/ML security (MLOps, adversarial robustness), compliance frameworks (HIPAA, PCI, SOX, FedRAMP), plus conference presentations or open-source contributions.
The estimated pay range for this role is $125,000 - $162,000
The starting salary for the successful candidate will be based on permissible, non-discriminatory factors such as skills, experience, and geographic location.
Coupa complies with relevant laws and regulations regarding equal opportunity and offers a welcoming and inclusive work environment. Decisions related to hiring, compensation, training, or evaluating performance are made fairly, and we provide equal employment opportunities to all qualified candidates and employees.
Please be advised that inquiries or resumes from recruiters will not be accepted.
By submitting your application, you acknowledge that you have read Coupa’s Privacy Policy and understand that Coupa receives/collects your application, including your personal data, for the purposes of managing Coupa's ongoing recruitment and placement activities, including for employment purposes in the event of a successful application and for notification of future job opportunities if you did not succeed the first time. You will find more details about how your application is processed, the purposes of processing, and how long we retain your application in our Privacy Policy.
Top Skills
.Net
Java
Python
Similar Jobs at Coupa
Artificial Intelligence • Fintech • Information Technology • Logistics • Payments • Business Intelligence • Generative AI
The Senior Solutions Consultant provides technical expertise during the sales process, creating presentations, demonstrations, and materials to drive Coupa's revenue. This role requires strong experience in selling SaaS solutions and managing customer accounts, alongside delivering high-quality technical presentations.
Top Skills:
AribaConcurCoupaIvaluaNetSuiteOracleSAP
Artificial Intelligence • Fintech • Information Technology • Logistics • Payments • Business Intelligence • Generative AI
The Senior FP&A Analyst at Coupa plays a key role in supporting financial analysis and operational efficiency, focusing on forecasting, budgeting, and decision-making processes while collaborating with various teams.
Top Skills:
AnaplanExcelNetSuiteSalesforce
Artificial Intelligence • Fintech • Information Technology • Logistics • Payments • Business Intelligence • Generative AI
The Sr. Manager, User Group Program will lead the global user group program, managing team operations, implementing Bevy, and overseeing event execution and community engagement.
Top Skills:
BevyGoldcastMarketoSalesforceTableau
What you need to know about the NYC Tech Scene
As the undisputed financial capital of the world, New York City is an epicenter of startup funding activity. The city has a thriving fintech scene and is a major player in verticals ranging from AI to biotech, cybersecurity and digital media. It also has universities like NYU, Columbia and Cornell Tech attracting students and researchers from across the globe, providing the ecosystem with a constant influx of world-class talent. And its East Coast location and three international airports make it a perfect spot for European companies establishing a foothold in the United States.
Key Facts About NYC Tech
- Number of Tech Workers: 549,200; 6% of overall workforce (2024 CompTIA survey)
- Major Tech Employers: Capgemini, Bloomberg, IBM, Spotify
- Key Industries: Artificial intelligence, Fintech
- Funding Landscape: $25.5 billion in venture capital funding in 2024 (Pitchbook)
- Notable Investors: Greycroft, Thrive Capital, Union Square Ventures, FirstMark Capital, Tiger Global Management, Tribeca Venture Partners, Insight Partners, Two Sigma Ventures
- Research Centers and Universities: Columbia University, New York University, Fordham University, CUNY, AI Now Institute, Flatiron Institute, C.N. Yang Institute for Theoretical Physics, NASA Space Radiation Laboratory
