Contextualize Prioritize and ACT ON RISK
Login
Get Access
Demo

Back to Vacancies

Sales Engineer (AppSec & CloudSec)

Apply Now

Phoenix Security is hiring a Sales Engineer (AppSec & CloudSec) to drive technical success across discovery, demos, and POCs. This is a remote-first role focused on technical credibility, clean execution, and helping customers move faster with confidence.

Company Brief

Phoenix Security helps modern security and engineering teams prioritize and fix what actually matters. We connect the dots from code to cloud so customers can move from “too many findings” to a single, contextual backlog with clear ownership, real-world exposure, and measurable outcomes.

We are backed by 30+ CISOs and practitioners who believe in a better way to handle vulnerabilities at scale. Check out the Voice of the Customer (Europe) from Gartner and our customer stories.

Job Brief

Role mission

Your job is to turn qualified opportunities into technical wins by running high-quality discovery, demos, workshops, and POCs — so the AE can close business faster and with less risk.

You are accountable for:

  • Technical progression of opportunities

  • POC quality and win rate

  • Sales cycle reduction (time-to-technical-close)

  • Technical credibility in the deal (security, architecture, integration)

What you’ll do (Responsibilities)

Own the technical close

  • Run deep technical discovery: customer environment, workflows, tooling, constraints, success criteria

  • Design and deliver tailored demos aligned to the customer’s problem and technical reality

  • Lead workshops (security + engineering) to validate fit and map Phoenix value to their process

  • Drive technical close outcomes and document them clearly (customer confirms “technically approved / no blockers”, POC success criteria met, or feasibility validated)

Run POCs that win

  • Define POC plan, scope, and measurable success criteria

  • Coordinate with customer stakeholders (security, platform, dev leads) to unblock access and integrations

  • Turn POCs into proof, not experiments: crisp outcomes, quantified value, clean story for the AE to close

Be the “credibility layer” in complex security deals

  • Handle architecture, integration, and deployment conversations with confidence

  • Address security posture questions (data handling, deployment models, access patterns, compliance context) with clarity and honesty

  • Translate Phoenix’s differentiators into customer language: prioritization, reachability/context, ownership, operational workflow impact

Earn and own customer trust from pre- to post-sale

  • Keep CRM hygiene tight: next steps, risks, decision-makers, technical close artifacts

  • Build reusable demo assets, reference architectures, and POC templates

  • Feed product reality back to engineering: friction points, missing integrations, messaging that resonates

What “good” looks like (Success metrics)

This role is measured on execution, not activity.

You’ll win when you consistently deliver:

  • High technical close rate across qualified opportunities

  • Shorter time-to-technical-close (fewer stalled cycles)

  • POCs that land with clean customer confirmation

  • Low post-sale disruption (fewer onboarding failures or refunds linked to weak technical qualification)

Experience & capabilities we want (Requirements)

Core capabilities

  • 5+ years in a customer-facing technical role: Sales Engineer, Solutions Engineer, Security Engineer, DevSecOps, AppSec, or similar

  • Strong working knowledge of:

    • Vulnerability management workflows (triage, prioritization, remediation coordination)

    • AppSec and cloud-native security fundamentals (SCA, SAST, containers, cloud posture)

  • Proven ability to run:

    • Technical discovery

    • Demos and workshops

    • Structured POCs with clear success criteria and executive-ready outcomes

You’ll thrive here if you are…

  • Comfortable being “in the arena”: real customers, real objections, real constraints

  • A strong writer who documents a technical close like an engineer — not a marketer

  • Independent and pragmatic, able to self-manage in a remote, low-bureaucracy team

Nice-to-haves

  • Experience selling into security teams with strong developer stakeholders (DevSecOps cultures)

  • Exposure to modern tooling: CNAPP, ASPM, SCA, cloud security platforms

  • Familiarity with deploying SaaS platforms into enterprise environments (SSO, access controls, data sources)

How we work

  • Remote-first, flexible hours, delivery-focused

  • High trust, high accountability — you own outcomes end-to-end

  • We optimize for clarity: crisp artifacts, clean handoffs, measurable results

Compensation philosophy (high-level)

This role follows an AE+SE “pod” model, with uncapped commission tied to supported net-new ARR and a technical quality bonus tied to clean execution.

(Full details are defined in the Commission Plan.)

What to send in your application

  • CV or LinkedIn profile to fc@phoenix.security

  • Short note answering:

    • An example of a technical close you drove end-to-end

    • A POC you won (and how you structured it)

To apply for this job email your details to km@phoenix.security.

Apply now

Benefits to work with us

  • Competitive salary
  • Startup equity & extended exercise window
  • Extra company holidays
  • Flexibility in how and where you work
  • 25 days annual leave

Discuss this blog with our community on Slack

Join our AppSec Phoenix community on Slack to discuss this blog and other news with our professional security team

Join Slack community
Linkedin-in Youtube Facebook-f Twitter Instagram

Dive into our full React4Shell analysis. Read the blog →

Derek

Derek Fisher

Linkedin

Head of product security at a global fintech

Derek Fisher – Head of product security at a global fintech. Speaker, instructor, and author in application security.

Derek is an award winning author of a children’s book series in cybersecurity as well as the author of “The Application Security Handbook.” He is a university instructor at Temple University where he teaches software development security to undergraduate and graduate students. He is a speaker on topics in the cybersecurity space and has led teams, large and small, at organizations in the healthcare and financial industries. He has built and matured information security teams as well as implemented organizational information security strategies to reduce the organizations risk.

Derek got his start in the hardware engineering space where he learned about designing circuits and building assemblies for commercial and military applications. He later pursued a computer science degree in order to advance a career in software development. This is where Derek was introduced to cybersecurity and soon caught the bug. He found a mentor to help him grow in cybersecurity and then pursued a graduate degree in the subject.

Since then Derek has worked in the product security space as an architect and leader. He has led teams to deliver more secure software in organizations from multiple industries. His focus has been to raise the security awareness of the engineering organization while maintaining a practice of secure code development, delivery, and operations.

In his role, Jeevan handles a range of tasks, from architecting security solutions to collaborating with Engineering Leadership to address security vulnerabilities at scale and embed security into the fabric of the organization.

Jeevan Singh

Jeevan Singh

Linkedin

Founder of Manicode Security

Jeevan Singh is the Director of Security Engineering at Rippling, with a background spanning various Engineering and Security leadership roles over the course of his career. He’s dedicated to the integration of security practices into software development, working to create a security-aware culture within organizations and imparting security best practices to the team.
In his role, Jeevan handles a range of tasks, from architecting security solutions to collaborating with Engineering Leadership to address security vulnerabilities at scale and embed security into the fabric of the organization.

James

James Berthoty

Linkedin

Founder of Latio Tech

James Berthoty has over ten years of experience across product and security domains. He founded Latio Tech to help companies find the right security tools for their needs without vendor bias.

christophe

Christophe Parisel

Linkedin

Senior Cloud Security Architect

Senior Cloud Security Architect

Chris

Chris Romeo

Linkedin

Co-Founder
Security Journey

Chris Romeo is a leading voice and thinker in application security, threat modeling, and security champions and the CEO of Devici and General Partner at Kerr Ventures. Chris hosts the award-winning “Application Security Podcast,” “The Security Table,” and “The Threat Modeling Podcast” and is a highly rated industry speaker and trainer, featured at the RSA Conference, the AppSec Village @ DefCon, OWASP Global AppSec, ISC2 Security Congress, InfoSec World and All Day DevOps. Chris founded Security Journey, a security education company, leading to an exit in 2022. Chris was the Chief Security Advocate at Cisco, spreading security knowledge through education and champion programs. Chris has twenty-six years of security experience, holding positions across the gamut, including application security, security engineering, incident response, and various Executive roles. Chris holds the CISSP and CSSLP certifications.

jim

Jim Manico

Linkedin

Founder of Manicode Security

Jim Manico is the founder of Manicode Security, where he trains software developers on secure coding and security engineering. Jim is also the founder of Brakeman Security, Inc. and an investor/advisor for Signal Sciences. He is the author of Iron-Clad Java: Building Secure Web Applications (McGraw-Hill), a frequent speaker on secure software practices, and a member of the JavaOne Rockstar speaker community. Jim is also a volunteer for and former board member of the OWASP foundation.

Join our Mailing list!

Get all the latest news, exclusive deals, and feature updates.

The IKIGAI concept