Senior Application Security Engineer

Requirements and responsibilities

Readable role content extracted into sections for faster review.

The role:

Participate in security code and system reviews, threat modeling and risk assessments.
Support the Bug Bounty program, helping teams on triaging, prioritizing and fixing issues, learning the common issues and using that information to improve the foundations.
Collaborate closely with infra security to level up our security posture.

About you:

You are proactive: You see what is needed, you take action and own problems to turn them into solutions.
You love building frameworks and automation: You see that the best way to ensure that security and best practices are followed is to make something so easy and joyful to use that nobody wants to use anything else.
You are AI-Curious: You understand how LLMs and AI coding tools are changing engineering, you want to embrace and use them effectively to keep security level up.
You are agile: You move fast, iterate quickly, pivot and reprioritize when needed to maximize impact.
Technical Depth:Deep understanding of common security flaws and ways to address them, both in web and mobile app environments.Experience identifying security issues through code review.Experience with common security tools and services, like SAST tools, proxies…You are familiar with new AI security risks regarding MCPs, prompt injection and others. You want to help build safer guardrails for the new agentic development and AI adoption in the product.Experience securing mobile SDKs (iOS/Android) and backend services (Python) is highly valued
Deep understanding of common security flaws and ways to address them, both in web and mobile app environments.
Experience identifying security issues through code review.
Experience with common security tools and services, like SAST tools, proxies…
You are familiar with new AI security risks regarding MCPs, prompt injection and others. You want to help build safer guardrails for the new agentic development and AI adoption in the product.
Experience securing mobile SDKs (iOS/Android) and backend services (Python) is highly valued

Details

Deep understanding of common security flaws and ways to address them, both in web and mobile app environments.
Experience identifying security issues through code review.
Experience with common security tools and services, like SAST tools, proxies…
You are familiar with new AI security risks regarding MCPs, prompt injection and others. You want to help build safer guardrails for the new agentic development and AI adoption in the product.
Experience securing mobile SDKs (iOS/Android) and backend services (Python) is highly valued

In the first month, you'll:

Meet your team!
Get up to speed on our infrastructure, services and codebases.
Familiarize yourself with SDK and backend, how they interact.
Explore the bug bounty platform and reports.
Ship your first project.

Within the first 3 months, you'll:

Be able to scope and work on tasks self-sufficiently.
Participate in code reviews, security design reviews.
Participate actively in the bug bounty program.

Within the first 6 months, you'll:

Understand deeply risks and threats on SDK, how SDK and backend interact and the backend application.
Actively contribute to improve security, pushing and introducing frameworks, tools or services that have measurable impact.
Collaborate closely with other teams, creating ties, trust relationships, providing security guidance.

Within the first 12 months, you'll:

Be the go-to expert for application security issues, seek for security reviews, threat assessments.
Have your own initiatives for improving application security.

What we offer:

Competitive equity in a fast-growing, Series C startup backed by top-tier investors, including Y Combinator
10-year window to exercise vested equity options
Fully remote and flexible work environment
4-5 weeks of suggested time off annually for mental, physical, and emotional recharge
$2,000 USD for workspace setup and $1,000 USD annual stipend for continuous learning

Similar roles