Summary

Join Guidewire’s Product Security Incident Response Team (PSIRT) in Bangalore, where we are dedicated to safeguarding the integrity of Guidewire’s industry-leading insurance technology products. Our team collaborates across engineering, product, legal, and customer support to proactively manage and resolve security incidents, ensuring our solutions remain secure and reliable. We foster a culture of continuous improvement, innovation, and teamwork, leveraging the latest technologies to protect our customers and data.
As a Senior Security Engineer, you will play a pivotal role in strengthening Guidewire’s product security posture. You will contribute to vulnerability management, incident response, and penetration testing efforts, directly impacting the safety and trust of our global customer base. This is an exciting opportunity to solve complex security challenges, work with cutting-edge cloud and AI technologies, and contribute to Guidewire’s mission of transforming the insurance industry through secure, innovative solutions.

Job Description

What you’ll do

Lead the triage, validation, and resolution of product security incidents and vulnerabilities across Guidewire applications, ensuring robust execution of the PSIRT process.

Perform root cause analysis, risk assessment using industry-standard metrics (e.g., CVSS), and provide actionable guidance to engineering teams.

Collaborate cross-functionally with product, engineering, customer support, legal, and external security researchers to drive timely closure of security issues.

Conduct security reviews, code reviews, and penetration testing—including AI/LLM feature testing—to identify and remediate vulnerabilities.

Develop, maintain, and enhance security incident monitoring, detection, and response tools and processes.

Support the preparation and delivery of security releases, and assist teams in reproducing, triaging, and addressing application security vulnerabilities.

Validate findings from security scanning tools and contribute to continuous improvement of DAST, SAST, SCA, and container security processes.

At Guidewire, we foster a culture of curiosity, innovation, and responsible use of AI—empowering our teams to continuously leverage emerging technologies and data-driven insights to enhance productivity and outcomes.

What you’ll bring

Required

Demonstrated ability to embrace AI and apply it to your current role as well as data-driven insights to drive innovation, productivity, and continuous improvement.

7-9 years of relevant application security experience, with at least 3-5 years in hands-on penetration testing.

Strong understanding of OWASP Top 10, product security vulnerabilities, and AI-related security risks.

Experience with static and dynamic code analysis, vulnerability scanning, and pen testing tools.

Excellent written and verbal communication skills, with a proven ability to build relationships and influence across teams and with external stakeholders.

Scripting or development experience (Python, Java, C++, shell scripting) is a significant plus.

AWS/cloud security experience is highly valued.

Industry certifications (e.g., CSSLP, CISSP, GIAC, OSCP) preferred.

Participation in bug bounty programs and knowledge of the security research community is a plus.

About Guidewire

Guidewire is the platform P&C insurers trust to engage, innovate, and grow efficiently. We combine digital, core, analytics, and AI to deliver our platform as a cloud service. More than 540+ insurers in 40 countries, from new ventures to the largest and most complex in the world, run on Guidewire.

As a partner to our customers, we continually evolve to enable their success. We are proud of our unparalleled implementation track record with 1600+ successful projects, supported by the largest R&D team and partner ecosystem in the industry. Our Marketplace provides hundreds of applications that accelerate integration, localization, and innovation.

For more information, please visit www.guidewire.com and follow us on Twitter: @Guidewire_PandC.

Guidewire Software, Inc. is proud to be an equal opportunity and affirmative action employer. We are committed to an inclusive workplace, and believe that a diversity of perspectives, abilities, and cultures is a key to our success. Qualified applicants will receive consideration without regard to race, color, ancestry, religion, sex, national origin, citizenship, marital status, age, sexual orientation, gender identity, gender expression, veteran status, or disability. All offers are contingent upon passing a criminal history and other background checks where it's applicable to the position.