Commvault
Senior Application Security Tester
Full details on LinkedIn
The complete job description, requirements, and application details are available on the original posting.
About Commvault
Commvault Systems, Inc. is a data protection and resilience company based in Tinton Falls, New Jersey. Founded in 1988 as a part of Bell Labs and becoming independent in 1996, Commvault has over 25 years of experience in helping organizations protect, recover, and manage their data across various platforms and environments. The company has evolved from providing backup solutions to offering a unified resilience platform that addresses the challenges of growing data volumes and cyber threats. Commvault's core offerings include Intelligent Data Services, which can be deployed on-premises, in the cloud, or as managed services. Key products include Commvault Cloud, a cloud-native platform for data security and recovery, and Metallic, an enterprise-grade SaaS portfolio for Backup-as-a-Service. The company emphasizes innovation, holding over 1,500 patents and being recognized as a leader in the Gartner Magic Quadrant for Backup and Data Protection Platforms. Commvault serves a diverse range of leading organizations, focusing on resilience against breaches and disasters while maintaining a commitment to sustainability.
Security at Commvault
Compiled from public job postings, careers pages, and company materials. Data may not reflect current state — verify during interviews.
Security Philosophy
- Stated AppSec Mission: "responsible for Commvault's cyber defense, product security and customer assurance"– Leadership bio.
- "we help customers integrate security into products from the planning stage through design, development, testing, and deployment."– Trust Center Developer Enablement vs. Gatekeeping: "Collaborate with DevOps, Engineering, and Cloud teams".
- "Provide remediation guidance to development teams and validate fixes.".
- "Categorize, prioritize, and mitigate risk and threats"– Trust Center Stated Pain Points or Goals (Verbatim): "We execute our program with a growth mindset and invest in our people, systems, and technology to continously evolve and innovate."– Trust Center Gaps & Contradictions: No public statement frames AppSec specifically as "developer-first"or as strictly "security sign-off.".
Security Team
Org Structure & Reporting Line: Information not publicly available. Key Public-Facing Leaders: 1. Bill O'Connell, Chief Security Officer – https://www.commvault.com/bios/leadership/bill-oconnell Key Quote: "responsible for Commvault's cyber defense, product security and customer assurance"– Commvault (https://www.commvault.com/bios/leadership/bill-oconnell), Leadership bio, 2. Roland Cloutier, Global Chief Security Officer & Cyber Resilience Council – https://www.commvault.com/about-us/leadership Team Size Estimate (as_of:): LinkedIn Search Query Used: "site:linkedin.com "Commvault" "Application Security"" Result: Information not publicly available Active AppSec Job Postings (as_of:): Count: 2 - "Senior Application Security Tester"; team size must be inferred from non-authoritative signals.
Key Initiatives
- Security Champions Program: Status: No Evidence Found. "Shift Left"in Practice: "Lead threat modeling and security assessments across the SDLC.".
- "Conduct code reviews and perform secure code analysis, as necessary.".
- "Categorize, prioritize, and mitigate risk and threats"– Trust Center Secure SDLC Artifacts: "Lead threat modeling and security assessments across the SDLC.".
- "Perform detailed application security testing (DAST, SAST, IAST) on internal and customer-facing applications.".
Preparing for an AppSec interview?
Get the weekly briefing 2,000+ security pros trust.