Skip to content
DecagonDecagonSan Francisco, CA

Senior Security Engineer

Leads application security strategy for AI conversational platform, designing controls, threat modeling, and testing programs (SAST/DAST/IAST). Requires 5+ years in app sec engineering, secure coding expertise, and CI/CD integration; AI/ML security experience preferred.

200k – 330k/yr
On-site5+ YOESecurity Engineering

About the role

Responsibilities

  • Design and implement application security controls across our AI agent platform, including secure coding practices, threat modeling, and vulnerability management.
  • Collaborate closely with product engineering teams to integrate security throughout the software development lifecycle, from design, coding, PR, and deployment.
  • Establish application security testing programs including static analysis (SAST), dynamic analysis (DAST), and interactive testing (IAST) tailored for AI applications.
  • Lead security code reviews and architecture assessments for new features, with special focus on AI model integration points and customer data handling.
  • Build security tooling and automation to enable developers to identify and remediate vulnerabilities quickly while maintaining development velocity.
  • Respond to security incidents involving application vulnerabilities, coordinating remediation efforts and post-incident improvements.

Requirements

  • 5+ years of hands-on application security engineering experience.
  • Expertise in secure software development practices, including threat modeling, secure code review, and vulnerability assessment.
  • Strong software engineering background with ability to review code across multiple languages and frameworks commonly used in AI/ML applications.
  • Experience implementing application security testing tools and integrating security into CI/CD pipelines.
  • Knowledge of OWASP Top 10, common application vulnerabilities, and modern application security frameworks.
  • Proven track record working with engineering teams to remediate security findings while balancing security and business requirements.

Nice-to-Haves

  • Experience securing AI/ML applications, including prompt injection, model extraction, and adversarial input protections.
  • Background with large-scale, multi-tenant SaaS applications handling sensitive customer data.
  • Familiarity with Google Cloud application security services and container security best practices.
  • Knowledge of enterprise compliance requirements (SOC 2, ISO 27001, GDPR) from an application security perspective.
  • Experience with modern security tools like Semgrep, CodeQL, Cursor Bug Bot, XBOW, or similar.

Skills

Threat ModelingSecure Code ReviewSASTDASTIastCI/CDOwasp Top 10SemgrepCodeqlGCPAi/Ml SecurityPrompt Injection Protection
Snowflake

Senior Software Engineer

SnowflakeBellevue, WA +1

Senior Software Engineer building Snowflake's core identity, access management, and AI-native security infrastructure for the Data Cloud. Design secure agent workflows, IAM systems, encryption, and policy enforcement tooling at massive scale.

200k – 288k/yr
Hybrid5+ YOESecurity Engineering
Snowflake

Senior Software Engineer, Security Foundations

SnowflakeBellevue, WA

Senior Software Engineer building real-time security detection, prevention, and intelligence systems to protect Snowflake's multi-cloud platform from abuse, account takeovers, data exfiltration, and AI threats using AI/ML and risk scoring. Requires 5+ years software engineering experience with security focus.

200k – 288k/yr
On-site5+ YOESecurity Engineering
Wiz

Threat Detection Researcher

WizNew York, NY

Threat Detection Researcher developing detections and tools to protect customers from cloud, AI, and malware threats. Requires 6+ years in security/threat research, deep OS internals knowledge (Windows/Linux/macOS), Python proficiency, and cloud familiarity.

200k – 250k/yr
On-site6+ YOESecurity Engineering
Snowflake

Senior Software Engineer

SnowflakeBellevue, WA

Senior Software Engineer building critical Identity & Access Management features and AI security capabilities (agent workflows, authentication, authorization, RBAC) for Snowflake's cloud data platform. Requires 7+ years building large-scale distributed systems, IAM expertise, and strong CS fundamentals.

200k – 288k/yr
On-site7+ YOESecurity Engineering
Novig

Senior Security Engineer

NovigNew York, NY

Senior Security Engineer building proactive, automated security systems including SOAR/SIEM workflows, AI agents, vulnerability management, and cloud hardening for a fast-growing sports prediction market platform.

200k – 250k/yr
On-site5+ YOESecurity Engineering