Senior Application Security Engineer

Job Summary

To support the next generation of Application Security, the full-time Senior Application Security Engineer will own the code and pull-request enforcement layer, ensuring secure AI-assisted development while working remotely in a hands-on role that fosters collaboration with engineering teams.

Key responsibilities

• Operate and continuously tune the SAST, SCA, and secrets-detection pipeline while designing security gates for AI-authored code
• Own security for AI-assisted development tools and partner with engineering to implement security policies and threat models for new features
• Scale the threat modeling framework and develop a security training program for engineers, embedding security criteria into the design process

Required qualifications

• 6+ years of engineering experience, with 4+ years in AI Application Security or Product Security in a SaaS environment
• Hands-on development experience with proficiency in at least two programming languages such as Python, JavaScript, or Go
• Experience with agentic AI and MCP development, including building or integrating AI tools into engineering workflows
• Production operation experience with SAST/SCA pipelines, including rule authoring and CI/CD integration
• Demonstrated ownership of a threat modeling or developer security training program, with metrics to prove effectiveness