Security Engineer conducts code reviews, implements secure CI/CD pipelines, performs SAST/DAST testing, and secures AWS infrastructure using Terraform. Requires expertise in TypeScript, Python, NodeJS, and product security best practices to mitigate vulnerabilities in AI/ML products.
206k – 297k/yr
On-siteSecurity Engineering
About the role
Responsibilities
Leverage broad product security expertise to build and maintain software tooling that secures every layer of the modern AI/ML software ecosystem.
Conduct in-depth code reviews to identify and remediate security vulnerabilities.
Evaluate and enhance the security of product offerings through RFC and service review.
Implement and maintain CI/CD pipelines with a strong focus on security.
Perform SAST and DAST to identify vulnerabilities in production code.
Utilize Terraform orchestration to ensure secure and efficient infrastructure management.
Guide engineering teams to build robust long-term solutions that consider security and privacy.
Clearly explain the mechanics and significance of security vulnerabilities, including their exploitability and potential impact.
Influence the security strategy and direction of the team, advocating for best practices and continuous improvement.
Requirements
Proven experience as a Security Engineer with a focus on product security.
Proficiency in NodeJS, TypeScript, Python, and/or Kubernetes.
Strong understanding of modern Javascript application design.
Production experience operating and securing AWS infrastructure at scale.
Hands-on experience with SAST and DAST tools and methodologies.
Familiarity with Terraform orchestration for infrastructure management.
Ability to structure complex problems and diagnose root causes independently.
Excellent communication skills to present technical concepts to technical and non-technical stakeholders.
Demonstrated ability to influence security strategies and drive improvements.
Nice-to-Haves
Demonstrated ability to drive multi-month security initiatives independently.
Defines and maintains policies for AI model behavior in high-risk domains like agentic systems and user safety. Collaborates with research, engineering, and product teams to operationalize policies into measurable safeguards using empirical data and red-teaming.
207k – 295k/yr
HybridSecurity Engineering
Model Policy, Frontier Cyber Risk
OpenAISan Francisco, CA
Develops and maintains AI model policies for high-risk cybersecurity domains, translating threat models into behavioral specifications, evaluations, and mitigations. Collaborates with research, engineering, and safety teams to ensure technically grounded, enforceable safeguards against dual-use risks.
207k – 295k/yr
HybridSecurity Engineering
Security Engineer - Vuln Management (Infra)
ReplitFoster City, CA
Mid-level Infrastructure Vulnerability Management Engineer responsible for cloud security posture, IaC scanning, container vulnerability management, and compliance tracking across multi-cloud environments. Requires 5+ years in cloud security/DevSecOps with deep GCP expertise.
210k – 270k/yr
Hybrid5+ YOESecurity Engineering
Security Engineer - Vuln Management (Code)
ReplitFoster City, CA
Mid-level AppSec Vulnerability Management Engineer who identifies application vulnerabilities, manages SBOM and supply chain security, and drives compliance tracking for SOC 2, ISO 27001, and PCI-DSS. Requires 5+ years in AppSec/DevSecOps with strong coding skills in JS/TS, Python, and Go.
210k – 270k/yr
Hybrid5+ YOESecurity Engineering
Software Engineer - Security
PerplexitySan Francisco, CA
Builds security tools, automations, and AI agents to enhance detection, response, vulnerability management, and overall security posture. Requires 4+ years experience in software engineering with security focus, proficiency in Python/Go/TypeScript, and familiarity with SIEM/EDR/cloud systems.