Remote (Global) Employment $227000/year

RevenueCat is hiring a Senior Application Security Engineer

About the Role

As a Senior Application Security Engineer, you'll play a central role in shaping how security is integrated across the development process. Rather than acting as a gatekeeper, you'll work alongside engineers and product teams to build safeguards that enable faster, safer delivery. Your focus will be on designing systems and tooling that make secure choices the easiest choices.

What You’ll Do

  • Partner with engineering and product teams to identify and resolve security risks early in the development cycle
  • Develop automated solutions to detect and prevent vulnerabilities, reducing manual overhead
  • Design reusable frameworks that enforce secure patterns by default in both web and mobile applications
  • Lead code and architecture reviews with a focus on identifying potential threats and mitigating risks
  • Perform threat modeling to anticipate security challenges before they arise
  • Support the triage and resolution of findings from internal and external sources, including bug bounty reports
  • Use insights from real-world issues to improve underlying security infrastructure
  • Collaborate with infrastructure teams to align application and platform-level protections
  • Help establish secure practices around emerging technologies, including AI-driven development and agentic systems

What We’re Looking For

  • A proactive mindset—able to spot gaps and drive improvements independently
  • Strong experience identifying security flaws through code analysis in mobile and backend environments
  • Hands-on familiarity with security tooling such as SAST scanners and proxy tools
  • Understanding of modern web and mobile security risks, including those related to AI systems like prompt injection and MCPs
  • Passion for creating developer-friendly security solutions that encourage adoption
  • Ability to adapt quickly in a fast-moving environment and reprioritize based on impact

Nice to Have

  • Background securing mobile SDKs for iOS or Android
  • Experience hardening backend services built in Python

Technology Environment

You’ll work with tools including static analysis platforms, traffic proxies, large language models, AI coding assistants, and systems involving multi-party computation and prompt injection detection. Mobile SDKs and Python-based backend services are key components of the stack.

Work Environment

This is a fully remote role with flexible scheduling. We support asynchronous collaboration and value sustainable work rhythms. Team members are encouraged to take 4 to 5 weeks of time off annually to support long-term well-being.

Compensation & Benefits

  • Competitive equity package in a well-funded Series C startup with long-term option exercise windows (10 years)
  • One-time $2,000 USD stipend for home office setup
  • Annual $1,000 USD allowance for professional development and learning

Our Values

We emphasize customer focus, ownership, continuous delivery, and personal balance. You’ll thrive here if you take initiative, ship meaningful work, and value both accountability and sustainability.

Required Skills
SAST toolsproxiesLLMsAI coding toolsMCPsprompt injection detectionmobile SDKsiOSAndroidPythoncode reviewsecurity automationweb application securitymobile application securityframework development SAST toolsproxiesLLMsAI coding toolsMCPsprompt injection detectionmobile SDKsiOSAndroidPythoncode reviewsecurity automationweb application securitymobile application securityframework development
Invoicing holding you back?

Focus on work, not paperwork

Stop worrying about invoicing, taxes, and compliance. Glopay handles the business setup, you handle the client work. Get paid faster and look professional.

Auto-generated compliant invoices
Built-in expense management
Income reports for tax season
95% of earnings stay with you
Try Glopay free
No credit card needed
About company
RevenueCat
RevenueCat removes the headaches of building and scaling in‑app subscriptions. It is the default monetization platform for mobile, used in >40% of newly shipped subscription apps, processing $10B+ in annual purchase volume, and helping developers from solo devs to large teams understand and grow their revenue.
All jobs at RevenueCat Visit website
Job Details
Department Engineering
Category security
Posted 2 hours ago