🛠 Tech Stack

💼 About This Role

You'll own application security at a high-growth company where the app layer is the highest-priority surface. You'll embed in the development lifecycle, review code for exploitable flaws, and build security tooling into CI/CD. You'll use AI co-pilots to accelerate code review and threat modeling, automating repetitive work.

🎯 What You'll Do

• Embed security review workflows in the SDLC
• Build SAST/DAST pipelines integrated into CI/CD
• Drive vulnerability remediation across the platform
• Operate bug bounty program and triage reports

📋 Requirements

• 5+ years in application security or software engineering with security focus
• Deep understanding of web application security including OWASP Top 10 and attack chains
• Proficiency in Python, TypeScript, or Go
• Experience building or tuning SAST/DAST tooling (Semgrep, CodeQL, Snyk, Burp)

✨ Nice to Have

• Experience running or triaging a bug bounty program (HackerOne, Bugcrowd)
• Offensive security skills and penetration testing experience
• Experience securing AI/ML applications

🎁 Benefits & Perks

• 📈 Equity ownership in a high-growth, profitable company
• 🏠 Housing support near our SF office
• 🍽️ Daily meal stipend
• 🏋️ Premium fitness membership at Equinox
• 🩺 Comprehensive health insurance

📨 Hiring Process

Estimated timeline: 2-3 weeks · AI estimate

1. 1Recruiter Screen· 30 min
2. 2Technical Interview· 60 min
3. 3Hiring Manager Interview· 45 min