Builds security into AI platform through threat modeling, SAST/DAST in CI/CD, code reviews, and secure architecture design. Requires 4+ years app sec experience, programming in Python/Java/Go/JS, and DevSecOps tools expertise.
119k – 210k
Hybrid4+ YOESecurity Engineering
About the role
Responsibilities
Build security into the AI platform by conducting threat modeling sessions with product teams, designing secure architectures for new features, and ensuring security considerations shape product decisions from day one.
Own and evolve the application security program including establishing and maintaining SAST/DAST scanning in CI/CD pipelines, conducting security code reviews for critical changes, and building automation that catches vulnerabilities before production.
Partner with engineering teams to establish and champion secure coding standards, creating reusable security patterns and libraries.
Design and recommend security features and products that help secure customer environments.
Integrate and leverage AI agents to increase velocity for the security team and engineering org while minimizing risk.
Lead security assessments and penetration testing of applications, AI services, and APIs, identifying and remediating vulnerabilities.
Design and implement security controls for protecting data pipelines, model training environments, and customer-facing AI agents.
Stay ahead of emerging threats in the AI/ML security landscape, researching attack vectors specific to LLMs and generative AI, and building defenses.
Requirements
Minimum 4 years of hands-on experience in application security engineering, securing large-scale production systems (bonus: fast-growing startups or high-growth environments).
Understanding of developer experience and workflows, balancing risk reduction with engineering velocity.
Technical expertise in at least two programming languages (Python, Java, Go, JavaScript/TypeScript) and ability to review code across multiple languages.
Knowledge of security tools and methodologies including SAST/DAST solutions, vulnerability management platforms, security testing frameworks, and DevSecOps practices.
Excellent communication skills to translate complex security concepts for technical and non-technical audiences.
Builder's mindset focused on automation, scaling, and empowerment.
Own and run Mintlify's end-to-end security and compliance programs (SOC 2, ISO 27001/42001, GDPR, Microsoft SSPA) as the first dedicated GRC Program Manager. Administer Drata, manage audits/vendors/evidence, handle customer-facing compliance, and coordinate with engineering.
120k – 180k
On-site3+ YOESecurity Engineering
Product Security Manager
Northwood SpaceLos Angeles, CA
Own the full product security lifecycle for space communications systems, from threat modeling and secure architecture to penetration testing, vulnerability management, cryptography, and compliance with FedRAMP, CMMC, and NIST standards. Requires 5+ years of product/application security leadership, deep expertise in SAST/DAST, secrets management, CI/CD hardening, and applied cryptography; TS/SCI clearance eligibility required.
120k – 190k
On-site5+ YOESecurity Engineering
Security Engineer, Platform
ResendUnited States
As a Security Engineer, Platform, you will be responsible for building and improving the security foundations of Resend’s platform, including API keys, service permissions, and secrets management. You will also help design secure defaults for new services and improve detection and response for suspicious access.
120k – 140k
Remote5+ YOESecurity Engineering
Cloud Security Engineer
WorkWaveUnited States
Cloud Security Engineer leads secure cloud configurations in AWS (primary), Azure, and GCP, owning governance, IAM, vulnerability management, and secure-by-default patterns for engineering teams. Requires 5+ years experience with deep AWS security expertise and Terraform proficiency.
120k – 145k
Remote5+ YOESecurity Engineering
System Safety Engineer, Autonomy Trucking
Applied IntuitionSunnyvale, CA
Defines and manages safety architecture, requirements, and analysis (FMEA, FTA, STPA) for L4 autonomous trucking software/hardware. Requires 3+ years system safety experience, automotive standards expertise (ISO 26262), and engineering background in ADAS/autonomy.