Senior Security Engineer I, Application Security

Role Overview

• Act as a technical visionary, bridging the gap between robust defense and rapid innovation
• Design, prompt-engineer, and deploy automated security review workflows
• Lead secure design reviews and advanced threat modeling for complex payment systems and AI integrated applications
• Collaborate frequently with different engineering teams to identify and address security issues
• Oversee deep-dive technical reviews, moving beyond basic scans to perform source code audits and live application testing on high-risk features
• Contribute and take ownership for the automated security controls we are building
• Provide hands-on remediation guidance and mentor junior security or software engineers

Requirements

• 5+ years in Application Security
• Proven experience performing web application penetration tests and vulnerability research
• Skills in source code auditing, product assessments and interaction with product teams
• Experience with development of security tools
• Automation First: A passion for replacing manual, repetitive tasks with intelligent, automated scripts and AI workflows
• Demonstrated ability to use tools like Claude for security-specific tasks like code summarization, vulnerability detection, and automated fix generation
• Deep practical knowledge of defending against Prompt Injection, Insecure Output Handling, and Model Inversion
• Experience with Python, Ruby on Rails, Java and modern web dev (JavaScript, Node.js, etc.)
• Good knowledge of AWS or similar cloud environments, containerization (Docker), and building/maintaining GitLab CI pipelines
• Advanced experience with SAST, DAST, and SCA tools
• Deep understanding of applied cryptography, OAuth2, SAML, and SSO implementations
• Ability to translate complex AI-generated findings into actionable business risks for stakeholders
• Empathy-Driven Security: A collaborative approach that treats developers and product teams as partners, focusing on enablement rather than friction.

Tech Stack

• AWS
• Cloud
• Docker
• Java
• JavaScript
• Node.js
• Python
• Ruby
• Ruby on Rails

Benefits

• Competitive compensation
• Employee Stock Purchase Plan (ESPP)
• Flying Start
• Our immersive Global Induction Program (Meet our Execs & Global Teams)
• Wellbeing Programs (Mental Health, Wellness, Yoga/Pilates/HIIT Classes) with Global FlyMates
• Competitive time off including FlyBetter Days to volunteer in a cause you believe in and Digital Disconnect Days!
• Great Talent & Development Programs (Managers Taking Flight – for new or aspiring managers!)