As a Senior Application Security Engineer, you'll play a central role in shaping how security is integrated across the development process. Rather than acting as a gatekeeper, you'll work alongside engineers and product teams to build safeguards that enable faster, safer delivery. Your focus will be on designing systems and tooling that make secure choices the easiest choices.
What You’ll Do
- Partner with engineering and product teams to identify and resolve security risks early in the development cycle
- Develop automated solutions to detect and prevent vulnerabilities, reducing manual overhead
- Design reusable frameworks that enforce secure patterns by default in both web and mobile applications
- Lead code and architecture reviews with a focus on identifying potential threats and mitigating risks
- Perform threat modeling to anticipate security challenges before they arise
- Support the triage and resolution of findings from internal and external sources, including bug bounty reports
- Use insights from real-world issues to improve underlying security infrastructure
- Collaborate with infrastructure teams to align application and platform-level protections
- Help establish secure practices around emerging technologies, including AI-driven development and agentic systems
What We’re Looking For
- A proactive mindset—able to spot gaps and drive improvements independently
- Strong experience identifying security flaws through code analysis in mobile and backend environments
- Hands-on familiarity with security tooling such as SAST scanners and proxy tools
- Understanding of modern web and mobile security risks, including those related to AI systems, such as prompt injection and MCPs
- Passion for creating developer-friendly security solutions that encourage adoption
- Ability to adapt quickly in a fast-moving environment and reprioritize based on impact
Nice to Have
- Background securing mobile SDKs for iOS or Android
- Experience hardening backend services built in Python
Technology Environment
You’ll work with tools including static analysis platforms, traffic proxies, large language models, AI coding assistants, and systems involving multi-party computation and prompt injection detection. Mobile SDKs and Python-based backend services are key components of the stack.
Work Environment
This is a fully remote role with flexible scheduling. We support asynchronous collaboration and value sustainable work rhythms. Team members are encouraged to take 4 to 5 weeks of time off annually to support long-term well-being.
Compensation & Benefits
- Competitive equity package in a well-funded Series C startup with long-term option exercise windows (10 years)
- One-time $2,000 USD stipend for home office setup
- Annual $1,000 USD allowance for professional development and learning
Our Values
We emphasize customer focus, ownership, continuous delivery, and personal balance. You’ll thrive here if you take initiative, ship meaningful work, and value both accountability and sustainability.
