AppSec Jobs
← Back to all jobs

Workato

Staff Security Engineer, Identity & Access Management (IAM)

Chennai, Tamil Nadu, IndiaWebsite

Full details on LinkedIn

The complete job description, requirements, and application details are available on the original posting.

About Workato

Workato is a cloud-based enterprise automation platform founded in December 2013 and headquartered in Mountain View, California. The company was established by a team of experienced professionals who previously worked together at TIBCO Software. Workato focuses on enabling IT and business teams to create low-code/no-code integrations and automations that connect various applications, systems, and services. The platform's core feature is "Recipes,"which are pre-built, shareable automation templates designed to address common integration challenges without requiring extensive coding. Workato also offers AgentX, which provides pre-built applications to enhance business processes and improve productivity. The platform is tailored for enterprises adopting SaaS, promoting collaboration between IT and business users while ensuring ease of use and robust capabilities. Workato has achieved significant milestones, including a valuation of $1.7 billion in September 2021 and strategic partnerships to further enhance its offerings.

Industry

information technology & services

Employees

810

283 engineers

Revenue

$150M

Website

Visit →

Security at Workato

Compiled from public job postings, careers pages, and company materials. Data may not reflect current state — verify during interviews.

3 Intel Signals

Security Philosophy

### Section 1: AppSec Philosophy & Stated Priorities **Stated AppSec Mission:** * "Workato has a comprehensive approach to security."– Workato Docs (https://docs.workato.com/security.html), Documentation. **Developer Enablement vs. Gatekeeping:** * "Embed with engineering teams to ensure security is part of every phase"– Security Engineer, AppSec job posting (Job ID: 2316), Job Posting. * "Act as a security champion within product teams"– Security Engineer, AppSec job posting (Job ID: 2316), Job Posting. **Risk Philosophy:** * "perform early threat modeling"– Security Engineer, AppSec job posting (Job ID: 2316), Job Posting. * "principle of least privilege through a role-based access control (RBAC) model."– Workato Docs (https://docs.workato.com/security.html), Documentation. **Stated Pain Points or Goals (Verbatim):** * "Security Tooling & Automation: Collaborate with the broader ProdSec and DevOps teams"– Security Engineer, AppSec job posting (Job ID: 2316), Job Posting. **Gaps & Contradictions:** * Specific internal pain points or future-looking goals from leadership interviews are not publicly available.

Security Team

### Section 2: The AppSec Team: People & Structure **Org Structure & Reporting Line:** * "Embed with engineering teams to ensure security is part of every phase"– Security Engineer, AppSec job posting (Job ID: 2316), Job Posting. **Key Public-Facing Leaders:** * Information not publicly available. **Team Size Estimate (as_of:):** * LinkedIn Search Query Used: `people at Workato with "Security"in title` * Result: Information not publicly available (exact range requires non-public data access). **Active AppSec Job Postings (as_of:):** * Count: 1 (Security Engineer, AppSec) * Common Skill/Tool Patterns: "Security Tooling & Automation,""threat modeling,""security champion."

Key Initiatives

### Section 3: AppSec Initiatives & Workflows **Security Champions Program:** * **Status:** Evidence Found * "Act as a security champion within product teams"– Security Engineer, AppSec job posting (Job ID: 2316), Job Posting. **"Shift Left"in Practice:** * "perform early threat modeling"– Security Engineer, AppSec job posting (Job ID: 2316), Job Posting. * "ensure security is part of every phase"– Security Engineer, AppSec job posting (Job ID: 2316), Job Posting. **Vulnerability Management Process:** * **Intake:** Information not publicly available. * **Triage/Remediation:** Information not publicly available. **Secure SDLC Artifacts:** * "SOC 2 Type II"– Workato Security Compliance (https://docs.workato.com/security/security-compliance.html), Documentation. **Recent Initiatives (Last 6 Months):** * "decentralization with proper governance"⚠️ – Best practices for advanced security and governance (Workato Product Hub), Product Blog.

Preparing for an AppSec interview?

Get the weekly briefing 2,000+ security pros trust.