22 days ago
San Francisco, CA, USA or New York, NY, USA
Senior
Base Salary
$130k - $500k/yr
Responsibilities
- Embed security review workflows in the software development lifecycle.
- Integrate SAST/DAST pipelines into CI/CD processes.
- Manage vulnerability processes prioritizing real exploitability.
- Establish secure coding standards for engineering teams.
- Develop threat models for new features and architecture changes.
- Operate and triage a bug bounty program.
Requirements
- 5+ years of experience in application security or related fields.
- Proficient in Python, TypeScript, or Go for code review.
- Deep understanding of web application security and OWASP Top 10.
- Experience with SAST/DAST tooling like Semgrep or CodeQL.
- Ability to manage a vulnerability pipeline from discovery to remediation.
- Experience in threat modeling modern web frameworks and APIs.
Benefits
- Work in-person five days a week at the San Francisco headquarters.
- Ownership of the application security domain from day one.
- Use of frontier AI tools for security tasks.
- Opportunity to work alongside leading AI labs and understand future model capabilities.
