Senior Application Security Engineer

Save to Kiter
What Conviva is looking for in applicants

Have you streamed a program on Disney+, caught the latest binge-worthy series on Hulu, or tuned in for NFL highlights on social media? If the answer is yes, you have already benefited from Conviva’s technology.

At Conviva, we create the technologies and standards driving industry transformation and streaming media growth worldwide. It’s not about the data, it’s about what you do with it. As the leader in global streaming media intelligence, Conviva measures in excess of 500 million unique viewers watching 150 billion streams per year with 1.5 trillion real-time transactions per day across more than 180 countries. Our platform and products are designed to deliver the real-time, cross-screen, integrated insights our customers need to understand their business and focus on what matters. Join us as we make streaming better.

Senior Application Security Engineer

Conviva is seeking a qualified Senior Security Engineer to join our innovative InfoSec team. Conviva InfoSec team is focused on supporting Conviva Cloud Infrastructure and Corporate Information Security through planning, implementing, and monitoring security measures to provide holistic security to Conviva Products, Cloud Services, and Information Systems. The InfoSec team actively works with other Conviva teams in promoting security and availability of all products and services.

As a Senior Security Engineer at Conviva, this position acts as a bridge between Information Security and Software Engineering teams and helps mature the Application Security Program by integrating security practices and tooling across all phases of SDLC (Software Development Life Cycle) like requirements, design, development, testing, and deployment in a rapidly growing organization. Additionally, it demonstrates awareness and knowledge of a variety of software security concepts, practices, and procedures, and supports the implementation of the same to keep our products secure and compliant.

While we are looking for people who have all the skills outlined in this post, we also recognize that this is rare. So, if you can learn these things, and you have a desire to dig into areas you have not explored yet, this is the position for you.


· Analyze security posture of Conviva applications and coding practices using a variety of tools and frameworks and contribute towards its continuous improvement.

· Perform threat modeling on new products, features and functionalities and act as a trusted advisor to development teams, providing practical advice on secure design, coding, and testing.

· Perform vulnerability assessment, risk analysis and work with stakeholders to address findings and validate adherence to secure SDLC practices.

· Perform manual and tool-based application penetration testing and drive third-party penetration testing activities.

· Develop innovative solutions to application security problems. Automate routine activities and work towards establishing DevSecOps.

· Lead ongoing process and policy improvement efforts.

· Participate in security incident management procedures.

· Conduct research on trending product security, zero-day threats and cybersecurity risks and provide recommendations to protect against such risks.


· BS/MS in CS or related field.

· 6+ years of experience working as Application Security engineer or similar position.

· Strong experience in one or more modern web programming languages/frameworks.

· Strong understanding of GIT, CI/CD Pipelines, containerization (Kubernetes, Docker, etc.), cloud and microservices.

· Excellent understanding of OWASP Risks, Vulnerabilities and Mitigation Mechanisms.

· Experience with BurpSuite, Zed Attack Proxy (ZAP), or similar dynamic testing tools.

· Experience in exploiting common security vulnerabilities in web applications and API (Application Program Interface) services.

· Strong understanding of Cyber Security Operations and Incident Response processes.

· Self-motivated and able to work across diverse technical and non-technical teams.

· Good written, verbal, and interpersonal communication skills.


Conviva is the leader in streaming media intelligence, powered by its real-time platform. More than 250 industry leaders and brands – including CBS, CCTV, Cirque Du Soleil, DAZN, Disney+, HBO, Hulu, Sky, Sling TV, TED, Univision, and WarnerMedia – rely on Conviva to maximize their consumer engagement, deliver the quality experiences viewers expect and drive revenue growth. With a global footprint of more than 500 million unique viewers watching 150 billion streams per year across 3 billion applications streaming on devices, Conviva offers streaming providers unmatched scale for continuous video measurement, intelligence and benchmarking across every stream, every screen, every second. Conviva is privately held and headquartered in Silicon Valley, California, with offices around the world. For more information, please visit us at

Want some tips on how to get an interview at Conviva?

What is Conviva looking for?
If this role looks interesting to you, a great first step is to understand what excites you about the team, product or mission. Take your time thinking about this and then tell the team! Get in touch and communicate that passion.
What are interviews for Senior Application Security Engineer like?
Interview processes vary by company, role and team. The best plan is to see what others have experienced and then plan accordingly.
How to land an interview at Senior Application Security Engineer?
A great first step is organizing your path to an offer. Check out Kiter for tools to get started!