Anaplan
Senior Security Engineer
Full details on LinkedIn
The complete job description, requirements, and application details are available on the original posting.
About Anaplan
Anaplan is a cloud-based connected planning platform founded in 2006 in Yorkshire, England. The company provides a scalable and collaborative platform that integrates financial, sales, supply chain, and operational planning processes into a unified system. Its goal is to enhance decision-making in complex business environments through dynamic scenario planning, in-depth analysis, and predictive insights. The Anaplan platform features patented in-memory technology called Hyperblock, which efficiently handles large datasets and complex calculations. Key offerings include a connected planning platform that links various business functions, tools for scenario planning and analysis, and solutions for forecasting and performance management. Anaplan also has an App Hub, a marketplace for business planning applications, and collaborates with a global network of partners to deliver tailored solutions across various industries. Anaplan serves a wide range of sectors, including consumer goods, healthcare, manufacturing, and technology, focusing on large enterprises that seek to modernize their planning processes. The company fosters a culture of innovation and collaboration, emphasizing customer success and value.
Security at Anaplan
Compiled from public job postings, careers pages, and company materials. Data may not reflect current state — verify during interviews.
Security Philosophy
“Anaplan's AppSec philosophy is centered on "Enterprise-class security and compliance."They aim for "embedding security into every stage of the product development lifecycle"and to "integrate security controls across the software development lifecycle (SDLC)."A stated goal is to "Take ownership of vulnerability management processes."Explicit public statements by Anaplan leadership describing a formal AppSec philosophy beyond platform security marketing language are not publicly available.”
Security Team
Anaplan has a "Global Information Security team"responsible for security, but an explicit AppSec org chart or reporting chain is not publicly available. No current, explicit "Head of Application/Product Security"with a public talk/bio describing AppSec was found. Team size estimate is not publicly available. As of, there is evidence of at least one active Product Security / AppSec job posting. Common skill/tool patterns from job postings include integrating security controls across the SDLC, conducting basic threat modeling exercises, and experience working within CI/CD pipelines. Overall AppSec headcount, full roster of leaders, and consolidated list of ongoing AppSec hires beyond the Greenhouse posting(s) are not publicly available.
Key Initiatives
A Security Champions Program status is not publicly available. "Shift Left"practices include "integrate security controls across the software development lifecycle (SDLC)"and "Experience working within CI/CD pipelines."The Vulnerability Management Process involves responsible disclosure guidance, stating "This page is only for responsible disclosures"and "We do not provide bounties at this time."Responsibility exists to "Take ownership of vulnerability management processes,"but explicit SLA/MTTR targets, triage ticketing workflow, and formal remediation SLAs are not publicly available. Secure SDLC Artifacts include "regular web application scanning (WAS) process"and "Conduct basic threat modeling exercises."Cadence of penetration tests, requirement thresholds for mandatory threat models, or documentation of formal secure design review ceremonies are not publicly available. Recent initiatives (last 6 months) include active hiring for Product Security roles and continued emphasis on SDLC integration, with "embedding security into every stage of the product development lifecycle."Specific new tool rollouts or named program launches within the last 6 months are not publicly available.
Preparing for an AppSec interview?
Get the weekly briefing 2,000+ security pros trust.