AppSec Jobs

Ironclad

Staff Application Security Engineer

San Francisco, CA

Full details on LinkedIn

The complete job description, requirements, and application details are available on the original posting.


About Ironclad

Ironclad is a San Francisco-based SaaS company founded in 2014 that specializes in AI-powered contract lifecycle management (CLM) software. The platform is designed to assist legal, sales, finance, and procurement teams in efficiently creating, negotiating, signing, storing, and analyzing contracts. Ironclad's cloud-based solution offers customizable workflows, Docx-native editing, and advanced AI features, including an AI assistant named Jurist that helps with drafting, editing, and summarizing contracts. The company has achieved significant milestones, including multiple funding rounds and the acquisition of PactSafe. Ironclad's platform emphasizes faster deal-making, high user adoption rates, and cost reductions. It integrates seamlessly with existing technology stacks and provides robust security features, making it a preferred choice for enterprise clients, particularly in financial services and crypto. The software enhances collaboration and offers insights through centralized approvals, risk tracking, and analytics, ultimately streamlining the entire contract management process.

Industry

information technology & services

Employees

640

222 engineers

Revenue

$150M


Security at Ironclad

Compiled from public job postings, careers pages, and company materials. Data may not reflect current state — verify during interviews.

3 Intel Signals

Security Philosophy

Ironclad's AppSec philosophy is built on 'people-first' security and early collaboration. They prioritize embedding security into the development lifecycle rather than acting as a final gatekeeper.

  • Stated AppSec Mission: "Security doesn't fail because of tools. It fails because of people - and how we fail to talk to each other." – Nathan Koester (LinkedIn) ⚠️
  • Developer Enablement: "Early and frequent handoffs - share roadmaps and architecture with security before the work starts..." – Nathan Koester (LinkedIn) ⚠️
  • Risk Philosophy: "Conduct threat modeling and risk analysis to protect sensitive data." – Indeed (Job ID: ef1d2fe8d36b5130), Job Post ⚠️

Security Team

Ironclad's security organization is led by Dimitry Dukhovny, who serves as the CISO. The team includes specialized roles such as Staff Application Security Engineers and Staff Security Engineers. The organizational philosophy emphasizes that security is a human-centric challenge, focusing on how teams communicate rather than just the tools they use.

Key Leaders:

  • Dimitry Dukhovny, CISO – https://ironcladapp.com/about-us
  • Nathan Koester, Staff Security Engineer – https://www.linkedin.com/pulse/inside-security-nathan-koester-staff-engineer-ironclad-leen-inc-xekxc

Team Size Estimate (as of): Information not publicly available via provided sources.

Active Job Postings: Staff Application Security Engineer (Indeed).

Key Initiatives

Ironclad maintains several active security workflows designed to proactively identify risks and integrate security into the engineering rhythm.

  • Security Champions: "Designate security champions - mid-to-senior ICs on engineering teams who act as the bridge." – Nathan Koester (LinkedIn) ⚠️
  • Vulnerability Management: "Ironclad conducts annual penetration testing and quarterly vulnerability testing..." – Ironclad Security (ironcladapp.com/security) ⚠️
  • CI/CD Integration: "Integrate security review processes into Ironclad's CI/CD pipeline." – Indeed (Job ID: ef1d2fe8d36b5130), Job Post ⚠️
  • Secure SDLC: "Conduct threat modeling and risk analysis to protect sensitive data." – Indeed (Job ID: ef1d2fe8d36b5130), Job Post ⚠️
