Application Security Engineer

This is a fully remote position, open to applicants in United States.

📋 Description

• Take charge of the integration, configuration, and quality of output for security tools that enhance our platform.

• Optimize outputs to enhance signal clarity while minimizing noise — determine what information should be highlighted, suppressed, or enriched.

• Create rules, severity scoring, and triage processes that transform findings into actionable insights instead of overwhelming data.

• Develop a security judgment layer that provides context-aware prioritization and reasoning about exploitability on top of existing tools.

• Collaborate with engineers on the presentation of findings in the user interface and the functionality of remediation workflows.

• Work alongside Product Management and design teams to prioritize the roadmap, offering security expertise that informs upcoming developments.

• Evaluate and influence architectural decisions that impact security results.

• Interact with customers to gain insights into their platform usage and identify barriers to adoption.

• Assess our output quality against industry competitors and address any gaps identified.

• Contribute to the open-source security tools we rely on whenever feasible.

⛳️ Requirements

• Over 5 years of experience in application security, with a strong track record in delivering security products.

• Proficient programming skills in at least one of Go, Python, or TypeScript — this role focuses on product engineering with a security emphasis, rather than operations.

• Practical experience in tuning security tools for production environments — focusing on reducing false positives, creating suppression logic, and designing severity models.

• Familiarity with vulnerability research, CVE/CWE taxonomies, and exploit reasoning.

• Experience in distinguishing between actionable security findings and those that are merely technically accurate.

• Strong communication abilities and comfort in direct customer interactions.

• Pragmatic mindset; capable of building solutions quickly without adding unnecessary complexity.

• Experienced in thriving within a dynamic, startup engineering environment.

• Bonus: Previous experience in delivering a security product at a vendor.

• Bonus: Contributions to open-source security tools.

• Bonus: Background in offensive security or relevant certifications such as OSCP.

• Bonus: Hands-on experience with LLM agents, tool utilization, or autonomous AI systems.

🏝️ Benefits

• Comprehensive health and wellness benefits.

• 20 days of paid time off per year, plus 8 floating holidays.

• Remote work culture.

• Team off-site events in beautiful locations (Amsterdam, Italy, etc.).

• Competitive salary and equity offerings.