Equinix
Security Engineer
Full details on LinkedIn
The complete job description, requirements, and application details are available on the original posting.
About Equinix
Equinix, Inc. is a prominent American multinational company based in Redwood City, California, specializing in digital infrastructure through its extensive network of data centers and interconnection services. Founded in 1998, Equinix pioneered network-neutral colocation centers, allowing various networks and enterprises to connect and exchange data efficiently. The company operates over 260 data centers across 33 countries, making it one of the largest global data center providers. Equinix offers a range of services, including colocation services for housing IT infrastructure, interconnection solutions through Equinix Fabric, and a platform for internet traffic exchange via the Equinix Internet Exchange. The company supports diverse customers, including telecommunications carriers, cloud service providers, and large enterprises, helping them connect directly to essential partners and providers. Committed to sustainability, Equinix focuses on renewable energy use in its data centers and emphasizes values such as openness, honesty, and customer-centric service.
Security at Equinix
Compiled from public job postings, careers pages, and company materials. Data may not reflect current state — verify during interviews.
Security Philosophy
- Equinix's Application Security (AppSec) philosophy centers on valuing the security of its customers, their data, and services.
- The company aims to embed security controls and tools, such as SAST, SCA, DAST, and Secrets Scanning, into CI/CD pipelines, emphasizing a 'shift-left' approach to detect and remediate vulnerabilities early in the SDLC.
- Their risk philosophy ensures security is integrated across platforms, products, and services from the outset.
- Stated goals include investigating and remediating vulnerability issues and partnering with application teams to adopt secure coding practices.
- However, explicit public statements describing a centralized versus embedded AppSec organizational model are not available.
Security Team
Equinix's global security organization reports to Harmeen Mehta, Executive Vice President and Chief Digital and Innovation Officer. Key public-facing leaders include Douglas Merrill, Chief Information Security Officer, who leads the global security organization, and Justin Dustzadeh, Chief Technology Officer, who leads technical innovation. The team size is not publicly available, but there is one active 'Application Security Engineer' job posting (JR-156685) as of. Common skill and tool patterns mentioned in job postings include embedding security controls into CI/CD pipelines (SAST, SCA, DAST, Secrets Scanning), hands-on experience with CI/CD tools like GitHub Actions, and familiarity with tools such as Apiiro, Nexus IQ, Snyk (for SCA), SonarQube, Traceable (for API security/DAST), OPSWAT MetaDefender, and Terraform. Explicit headcount, org chart, or details on embedded vs. centralized AppSec team boundaries are not publicly available.
Key Initiatives
Equinix does not have publicly available evidence of a Security Champions Program. However, they actively implement 'shift-left' security practices by embedding security controls and tools into CI/CD pipelines to detect and remediate vulnerabilities early in the SDLC. Their vulnerability management process includes intake via a 'report security bug' mechanism and involves investigating and remediating issues, partnering with application teams. Details on SLA/MTTR or specific ticketing systems are not publicly available. Secure SDLC artifacts include working with application teams on secure design principles, threat modeling, and architecture reviews, as well as designing and maintaining code for Security Orchestration, Automation, and Response (SOAR) policy as code. Recent initiatives (within the last 6 months) include the redesign of Equinix's global security organization, led by Douglas Merrill, the new CISO.
Preparing for an AppSec interview?
Get the weekly briefing 2,000+ security pros trust.