Base Salary
$165k - $190k/yr
Responsibilities
- Design and execute greenfield AppSec initiatives across Tatari's SaaS platform.
- Build and maintain security automation integrated into CI/CD pipelines.
- Own container security across build and runtime.
- Develop internal tooling and libraries for secure coding.
- Manage SAST/DAST/SCA tooling including selection and integration.
- Conduct application security reviews and threat models for new features.
- Identify and remediate vulnerabilities across APIs, services, and data pipelines.
- Partner with Engineering teams to establish secure coding standards.
- Assess and mitigate LLM-introduced risks in product features.
- Integrate agentic tooling into AppSec workflows.
- Contribute to security incident response for application-layer issues.
Requirements
- Production Python experience with the ability to review code and build security tooling.
- Significant hands-on application security experience, ideally at a SaaS company.
- Working knowledge of established security standards like OWASP Top 10.
- Experience with threat modeling alongside Product and Engineering teams.
- Familiarity with AWS and Kubernetes security controls.
- Knowledge of how LLMs introduce new attack surfaces.
- Experience reviewing API designs for security vulnerabilities.
- Track record of embedding with Engineering teams for code review and standards definition.
- Experience building or maturing an AppSec program from scratch.
Benefits
- Total compensation between $165,000 and $190,000.
- Equity compensation.
- Health insurance coverage for you and your dependents.
- 401K, FSA, and commuter benefits.
- $150 monthly spending account.
- $1,000 annual continued education benefit.
- $500 Newbie Productivity Perk.
- Unlimited PTO and sick days.
- Monthly Company Wellness Day Off.
- Snacks, drinks, and catered lunches at the office.
- Team building events.
- Hybrid RTO of 2 days per week in office.
