Leads application security strategy for AI conversational platform, designing controls, threat modeling, and testing programs (SAST/DAST/IAST). Requires 5+ years in app sec engineering, secure coding expertise, and CI/CD integration; AI/ML security experience preferred.
200k – 330k/yr
On-site5+ YOESecurity Engineering
About the role
Responsibilities
Design and implement application security controls across our AI agent platform, including secure coding practices, threat modeling, and vulnerability management.
Collaborate closely with product engineering teams to integrate security throughout the software development lifecycle, from design, coding, PR, and deployment.
Establish application security testing programs including static analysis (SAST), dynamic analysis (DAST), and interactive testing (IAST) tailored for AI applications.
Lead security code reviews and architecture assessments for new features, with special focus on AI model integration points and customer data handling.
Build security tooling and automation to enable developers to identify and remediate vulnerabilities quickly while maintaining development velocity.
Respond to security incidents involving application vulnerabilities, coordinating remediation efforts and post-incident improvements.
Requirements
5+ years of hands-on application security engineering experience.
Expertise in secure software development practices, including threat modeling, secure code review, and vulnerability assessment.
Strong software engineering background with ability to review code across multiple languages and frameworks commonly used in AI/ML applications.
Experience implementing application security testing tools and integrating security into CI/CD pipelines.
Knowledge of OWASP Top 10, common application vulnerabilities, and modern application security frameworks.
Proven track record working with engineering teams to remediate security findings while balancing security and business requirements.
Nice-to-Haves
Experience securing AI/ML applications, including prompt injection, model extraction, and adversarial input protections.
Background with large-scale, multi-tenant SaaS applications handling sensitive customer data.
Familiarity with Google Cloud application security services and container security best practices.
Knowledge of enterprise compliance requirements (SOC 2, ISO 27001, GDPR) from an application security perspective.
Experience with modern security tools like Semgrep, CodeQL, Cursor Bug Bot, XBOW, or similar.
Skills
Threat ModelingSecure Code ReviewSASTDASTIastCI/CDOwasp Top 10SemgrepCodeqlGCPAi/Ml SecurityPrompt Injection Protection
Senior Software Engineer building Snowflake's core identity, access management, and AI-native security infrastructure for the Data Cloud. Design secure agent workflows, IAM systems, encryption, and policy enforcement tooling at massive scale.
200k – 288k/yr
Hybrid5+ YOESecurity Engineering
Senior Software Engineer, Security Foundations
SnowflakeBellevue, WA
Senior Software Engineer building real-time security detection, prevention, and intelligence systems to protect Snowflake's multi-cloud platform from abuse, account takeovers, data exfiltration, and AI threats using AI/ML and risk scoring. Requires 5+ years software engineering experience with security focus.
200k – 288k/yr
On-site5+ YOESecurity Engineering
Threat Detection Researcher
WizNew York, NY
Threat Detection Researcher developing detections and tools to protect customers from cloud, AI, and malware threats. Requires 6+ years in security/threat research, deep OS internals knowledge (Windows/Linux/macOS), Python proficiency, and cloud familiarity.
200k – 250k/yr
On-site6+ YOESecurity Engineering
Senior Software Engineer
SnowflakeBellevue, WA
Senior Software Engineer building critical Identity & Access Management features and AI security capabilities (agent workflows, authentication, authorization, RBAC) for Snowflake's cloud data platform. Requires 7+ years building large-scale distributed systems, IAM expertise, and strong CS fundamentals.
200k – 288k/yr
On-site7+ YOESecurity Engineering
Senior Security Engineer
NovigNew York, NY
Senior Security Engineer building proactive, automated security systems including SOAR/SIEM workflows, AI agents, vulnerability management, and cloud hardening for a fast-growing sports prediction market platform.