# Lead Application Security Engineer

**Company:** [Eve](https://hotfix.jobs/companies/eve)
**Location:** San Mateo, CA
**Role:** Security Engineering
**Salary:** $195k – $300k/yr
**Experience:** 5+ years
**Skills:** Application Security, Cloud Security, AWS, Identity And Access Management, SAML, OAuth, IAM, Ai Security, Kubernetes, GCP, TypeScript, Python, Go
**Posted:** 2026-05-29

> As a Lead Application Security Engineer at Eve, you will build and scale the product and application security program, securing AI-native workflows and cloud environments. This hands-on role involves writing code, building automation, and hardening systems to ensure security without compromising trust.

## Job Description

## What You'll Do

* Build and scale Eve's product and application security program across design reviews, threat modeling, code review, vulnerability management, and secure deployment.
* Partner with engineering teams to secure AI-native workflows, including data handling, prompt-injection risk, model/tool access, and sensitive legal information flows.
* Track emerging security trends, including red-team AI-based offensive tactics and blue-team AI-based defensive tactics where applicable, and translate them into pragmatic product and engineering roadmap recommendations.
* Develop practical defenses for AI-enabled abuse cases such as prompt injection, model/tool misuse, data exfiltration, unsafe agent behavior, and sensitive legal data exposure.
* Develop internal security tooling and automation for areas like dependency scanning, secrets detection, access review, abuse detection, and security workflow triage.
* Review architecture and product changes for security risks, then help implement pragmatic fixes directly in the codebase when needed.
* Strengthen cloud, infrastructure, and deployment security across identity, permissions, network boundaries, CI/CD, monitoring, and incident response.
* Build security practices that help Eve move faster: clear standards, lightweight processes, reusable libraries, and guardrails that fit how engineers actually work.
* Support compliance and customer trust efforts by helping translate Eve's security posture into clear, accurate technical evidence.
* Stay close to the product and customers so security decisions reflect real user workflows, business needs, and the sensitivity of legal work.

## What We're Looking For

* **Technical Depth:** 5+ years of experience in application security, including significant time spent writing and reviewing code.
* **Software Engineering Skills:** Proficiency in more than one major coding language. You should be comfortable contributing directly to the codebase.
* **Cloud & Containers:** Practical experience securing cloud environments (AWS preferred) and a strong understanding of cloud security.
* **Systems Thinking:** A deep understanding of identity and access management (SAML, OAuth, IAM) and how to protect sensitive data at rest and in transit.
* **AI Security Fluency:** Awareness of red-team AI-based offensive tactics and blue-team AI-based defensive tactics, with good judgment about where those techniques apply in real products.
* **Security Curiosity & Roadmap Ownership:** Staying current with the security landscape and turning emerging threats, tools, and defensive patterns into practical quarterly roadmap recommendations.
* **Pragmatism:** The ability to balance security risks with business velocity. You should be able to propose creative "middle ground" solutions that reduce risk without blocking progress.
* **Versatility:** A willingness to jump into areas adjacent to traditional AppSec—e.g. data analysis, AI security research, or protecting against prompt injection—to get the job done.

## Nice To Have

* Experience securing SaaS products that process sensitive customer data.
* Experience with legal, healthcare, fintech, enterprise SaaS, or other regulated/high-trust environments.
* Experience with Kubernetes, GCP/AWS, TypeScript, Python, Go, or similar production engineering stacks.
* Familiarity with SAML, OAuth, OIDC, RBAC/ABAC, audit logging, data encryption, and enterprise security controls.
* Experience building security programs at a high-growth startup.

## Benefits

* 💰 Competitive Salary & Equity
* 💹 401(k) Program with Employer Matching
* ⚕️ Health, Dental, Vision and Life Insurance
* 🩼 Short Term and Long Term Disability
* 🚗 Commuter Benefits*
* 🧑‍💻 Autonomous Work Environment
* 🖥️ Workplace Setup Reimbursement
* 🏠 Telecomm Stipend
* 🏝 Flexible Time Off (FTO) + Holidays
* 🚀 Quarterly Team Gatherings
* 🥪 In office Perks*

*In office employees only

## Similar roles

- [Senior Security Engineer](https://hotfix.jobs/jobs/67ecbd99-dcbb-469e-85c6-80e4c16d9cc5) - Orb - San Francisco, CA - $195k – $265k/yr
- [Senior Security Engineer, Offensive Security](https://hotfix.jobs/jobs/360a6e5f-3142-48ee-b4d9-1586d318a5ce) - Datadog - New York, NY - $195k – $240k/yr
- [Senior Security Software Engineer](https://hotfix.jobs/jobs/c601cd87-774d-4045-9cc3-064f36c62f6d) - Hover - San Francisco, CA - $194k – $239k/yr
- [Senior Software Engineer, Enforce - Safety Processing](https://hotfix.jobs/jobs/e212d5d6-b31c-466e-ac7e-48d9fed1e0bf) - Discord - San Francisco, CA - $196k – $221k/yr
- [Senior Security Engineer, Enterprise Security](https://hotfix.jobs/jobs/5a7f8aa1-927f-4e47-9a57-10eca20a04f2) - Discord - San Francisco, CA - $196k – $221k/yr

**Apply:** https://hotfix.jobs/jobs/28bc7a37-3ae2-4964-90dd-cc38ce1529d4
**Canonical:** https://hotfix.jobs/jobs/28bc7a37-3ae2-4964-90dd-cc38ce1529d4