2 days ago
Responsibilities
- Own secure development practices across products, including AuthN/AuthZ patterns and secrets management.
- Integrate security into the development lifecycle through code reviews and pre-deployment checks.
- Conduct threat modeling and translate risks into concrete controls for product releases.
- Build and maintain security tooling and automated checks to enhance codebase security.
- Define the application-layer security model for agentic products and manage agent authorization.
- Work with engineers to establish secure design patterns for agent development.
- Produce security artifacts such as threat models and architecture reviews.
- Define and enforce data protection standards for sensitive customer data.
Requirements
- 5+ years of experience in application or product security with hands-on experience on production systems.
- Strong coding skills and experience in shipping security tooling.
- Deep understanding of application security fundamentals, including OWASP Top 10 and secure SDLC.
- Experience with protecting sensitive data and implementing access controls.
- Ability to work AI-natively and leverage AI for security tasks.
- Familiarity with attack surfaces and trust boundaries in security contexts.
- Comfortable working in regulated industries and translating constraints into security requirements.
- Desire to own and grow the application security function.
Benefits
- Competitive salary plus equity.
- Daily lunches.
- Commuter benefits.
- 401(k) plan.
- Medical, Dental, and Vision insurance.
- Unlimited PTO.