Responsibilities
- Help secure AI products and internal tools introducing novel security risks
- Lead “shift left” security efforts in the software development lifecycle
- Conduct secure design reviews and threat modeling to identify risks
- Develop tooling for security code reviews and vulnerability remediation
- Manage vulnerability management program with data pipelines and prioritization
- Oversee bug bounty program, validate submissions, and coordinate remediation
- Collaborate with product engineers to instill security best practices
- Develop security policies, standards, playbooks, and conduct training
You may be a good fit if you
- Have 5+ years of hands-on experience in application and infrastructure security, including cloud and containerized environments
- Strong proficiency in at least one programming language (e.g., Python, Rust, Go, Java)
- Lead with empathy and collaborate cross-functionally
- Leverage creative thinking to reduce risk through secure design
- Possess broad security knowledge across domains
- Distill complex concepts into clear actions
- Proactive mindset for threat modeling and secure code review
- Strong grasp of offensive security
- Experience with modern application stacks and security tools
- Balance security with business objectives
Strong candidates may also
- Expertise securing cloud environments and microservices (Kubernetes, Docker, AWS/GCP)
- Exposure to offensive security (bug bounty, pen testing, red team)
- Familiarity with AI/ML security risks (prompt injection, data poisoning)
- Experience building security tools and automation
- Solid knowledge of software and security engineering principles
- Excellent communication skills
- Thrive in fast-paced environments
Logistics
Education requirements: At least a Bachelor's degree in a related field or equivalent experience.
Annual Salary: $300,000—$405,000 USD