# Application Security Engineer

**Company:** [xAI](https://hotfix.jobs/companies/xai)
**Location:** Palo Alto, CA
**Role:** Security Engineering
**Salary:** $200k – $340k/yr
**Experience:** 3+ years
**Skills:** Python, Rust, Owasp Top 10, CI/CD, DevSecOps, Sbom, Burp Suite, Owasp Zap, GCP, AWS
**Posted:** 2026-03-16

> Secures cloud-native applications through code reviews, threat modeling, CI/CD integration, and AI-specific security measures like OWASP LLM Top 10. Requires 3+ years in app sec, Python/Rust proficiency, and bachelor's degree.

## Job Description

## RESPONSIBILITIES
- Conduct in-depth code reviews and static analysis to identify and mitigate security vulnerabilities in our applications
- Design and implement secure coding guidelines and best practices for development teams
- Collaborate closely with development teams to integrate security practices throughout the CI/CD pipeline
- Perform threat modeling and risk assessments for applications, developing mitigation strategies for potential risks
- Manage vulnerability tracking and remediation efforts, providing guidance to development teams
- Support incident response activities related to application security
- Stay current on emerging security threats and trends in cloud-native technologies and AI, continuously enhancing our security measures
- Evaluate and secure software supply chains, including producing and maintaining Software Bills of Materials (SBOMs)
- Address security concerns specific to AI and machine learning models, with a focus on the OWASP LLM Top 10

## BASIC QUALIFICATIONS
- Bachelor's degree in Computer Science, Cybersecurity, or a related field
- 3-5 years of experience in application security, with a strong focus on code security practices
- Deep understanding of secure coding practices, application security frameworks, and common vulnerabilities (e.g., OWASP Top 10)
- Proficiency in **Python** or **Rust** programming languages and experience with secure coding practices in these languages
- Experience securing CI/CD pipelines and implementing DevSecOps practices
- Familiarity with software supply chain security and SBOM generation tools
- Experience with security testing tools (e.g., **Burp Suite**, **OWASP ZAP**) and static/dynamic code analysis
- Understanding of AI/ML security implications, particularly those outlined in the OWASP LLM Top 10
- Excellent communication skills, able to explain complex security issues to both technical and non-technical audiences

## PREFERRED SKILLS AND EXPERIENCE
- Experience with cloud platforms (e.g., **GCP**, **AWS**, **Azure**) and their security features
- Relevant security certifications (e.g., CSSLP, OSWE)
- Background in data privacy and compliance regulations relevant to cloud-native applications and AI systems
- Experience with GitOps and infrastructure-as-code security
- Familiarity with federated learning and privacy-preserving machine learning techniques
- Experience in building custom security tooling to enhance and automate security processes
- Interest in leveraging AI to automate security tasks and improve efficiency
- Contributions to open-source security projects or tools
- Experience in securing AI/ML models and data pipelines

## COMPENSATION AND BENEFITS
**$200,000 - $340,000 USD**

Base salary is just one part of our total rewards package at xAI, which also includes equity, comprehensive medical, vision, and dental coverage, access to a 401(k) retirement plan, short & long-term disability insurance, life insurance, and various other discounts and perks.

## Similar roles

- [Security Engineer](https://hotfix.jobs/jobs/9731ca0c-3722-4ec9-9644-4515044e6890) - Nooks - San Francisco, CA - $200k – $315k/yr
- [Platform Engineer, Security](https://hotfix.jobs/jobs/8ec09390-4b0b-4859-96b3-efafc456226c) - Decagon - San Francisco, CA - $200k – $330k/yr
- [Security engineer, detection and response (US)](https://hotfix.jobs/jobs/98c71ebc-3ff0-469d-9a49-eb98d9aec3ac) - Writer - San Francisco, CA - $200k – $240k/yr
- [Software Engineer, Trust](https://hotfix.jobs/jobs/c95c63b6-81e4-4554-b381-9d38e3dd4801) - Notion - San Francisco, CA - $200k – $280k/yr
- [Infrastructure Engineer, Security](https://hotfix.jobs/jobs/911010b2-5649-4288-bbd0-0172261e1e28) - Thinking Machines Lab - San Francisco, CA - $200k – $475k/yr

**Apply:** https://hotfix.jobs/jobs/864499a6-15be-495b-8c4f-faef3e9e7f13
**Canonical:** https://hotfix.jobs/jobs/864499a6-15be-495b-8c4f-faef3e9e7f13