Collaborate with product and engineering teams to integrate security principles into the design and architecture of products.
Conduct threat modeling and risk assessments to identify vulnerabilities and potential attack vectors across the full product surface.
Manage the Secure Development pipeline including code security and 3rd party library supply chain security.
Stay current on emerging standards and guidance (e.g. OWASP Top 10 for LLMs, MCP security specifications) and translate these into actionable internal policy.
Triage Bug Bounty findings and responsibility disclosed vulnerabilities.

Bachelor’s degree in Computer Science, Cybersecurity, or a related field (or equivalent experience).
5+ years in application or product security or a related role.
Proven partnership with engineering teams, bringing security expertise to the planning and development process.
Knowledge of encryption, authentication, and secure communication protocols.
Familiarity with tools like SAST, DAST, and penetration testing frameworks.
A deep understanding of application architecture and design principles, ability to effectively identify vulnerabilities across multiple programming languages
Kubernetes security posture management and auditing, including workload hardening, RBAC design, and admission control.
Demonstrated experience with multi-tenant security architecture, including data plane isolation, control plane hardening, and cross-tenant data leakage prevention.
Excellent collaboration and communication skills.
Expertise in at least one programming language, familiarity with Python and Go.

Unlimited PTO, 12 Holidays + 2 Floating Holidays
100% Premiums Coverage for Medical, Dental, and Vision
AD&D, LT & ST Disability, and Life Insurance (Standard & Supplemental Available)
Empower 401K Plan
Additional Perks for Learning & Development, Lifestyle Spending, In-Home Office Setup, Professional Memberships, WFH Meals, Internet Stipend and more!

Senior Application Security Engineer

Key skills