About the RoleWe are seeking a Staff Application Security Engineer to lead the design and implementation of application security and AI security capabilities that protect our products, developer workflows, and AI-powered engineering ecosystem. This is a highly hands-on role requiring strong software engineering skills. The successful candidate will spend the majority of their time building security automation, integrating security into the software development lifecycle, and enabling secure adoption of AI across engineering. The ideal candidate combines deep expertise in application security, secure software engineering, cloud-native architectures, and AI security with a pragmatic approach to balancing developer productivity and risk. This role is based in our East Palo Alto office. We work together onsite Monday through Thursday and work remotely on Fridays.
What You'll do- Design and implement security controls across web, mobile, backend services, and AI-powered systems, including coding agents and LLM workflows.
- Integrate security directly into CI/CD pipelines and developer workflows.
- Design and implement production-quality security services, APIs, and automation platforms.
- Build automation for SAST, DAST, dependency scanning, secret detection, container scanning, and Infrastructure-as-Code validation.
- Build guardrails for AI-generated code, automated pull requests, and agentic development workflows.
- Partner with engineering teams on security and architecture reviews, providing practical guidance early in the design and development process.
- Help engineers build secure software through clear standards, reusable patterns, documentation, training, and hands-on support.
- Champion shared ownership of security and help build a culture where engineers feel confident identifying, discussing, and addressing security risks
What You Bring to the Table - 10+ years of experience in Software Engineering, Application Security, Product Security, Security Engineering, or Platform Engineering.
- Strong programming skills in Go, Python, Java, TypeScript, C++, or similar languages.
- Experience with threat modeling, API security, authentication, authorization, and secure design principles.
- Experience with Kubernetes, containers, networking, and Infrastructure-as-Code tools such as Terraform.
- Familiarity with IAM, MFA, logging, and audit systems is a plus
Benefits and Perks- 401k with a match!
- Medical Insurance
- Dental Insurance
- Vision Insurance
- Competitive compensation & equity - We believe in sharing success.
- Flexible PTO - We focus on impact, not tracking vacation days. We encourage a minimum of 14 days.
- In-office lunch, team events & culture
CompensationThe base pay range for this role is $220,000 - $270,000 per year.