Talent.com
Security engineer, application security

Security engineer, application security

Writer CorporationSan Francisco, CA, United States
3 days ago
Job type
  • Full-time
Job description

About this role

WRITER is seeking an Application Security Engineer with deep expertise in AppSec, DevSecOps automation, and red team operations to secure our AI and AGI applications.

At WRITER, security is woven into the heart of our innovation. As we continue to push the boundaries of AI, we need a seasoned security engineer who can anticipate threats, integrate security into fast-moving development pipelines, and validate our defenses through hands-on testing.

You'll play a pivotal role in building security directly into our CI / CD workflows, uncovering and exploiting vulnerabilities before attackers can, and collaborating with cross-functional partners to safeguard our cutting-edge AI solutions. This is a highly technical, impact-driven role for someone who thrives at the intersection of security engineering, automation, and offensive testing.

If you're passionate about proactively securing complex applications-and can turn red team findings into real-world defenses-we want to hear from you.

Role Boundaries & Collaboration

What You Own (Responsible)

  • Build pipeline security (pre-deployment phase)
  • Security gates and checks in CI / CD
  • Application penetration testing
  • Container scanning in build phase
  • Application-layer vulnerability discovery

What You Don't Own (Others Lead)

  • Deployment pipeline security (Cloud / Infrastructure owns)
  • Infrastructure-as-code security (Cloud / Infrastructure owns)
  • Production runtime security (Cloud / Infrastructure owns)
  • AI model security research (AI Security owns)

    • Key Partnerships

  • With Cloud / Infrastructure : Clear handoff at build / deploy boundary. You secure the build; they secure the deploy
  • With AI Security : They provide threat models for AI-specific risks; you implement tests in CI / CD
  • With Detection & Response : You find vulnerabilities proactively; they detect attacks in production

    • Your responsibilities

  • Embed security in the build pipeline - Own pre-deployment application security, including automated vulnerability scanning, container scanning, and custom security gates in CI / CD.
  • Conduct advanced application penetration testing - Perform comprehensive testing on AI applications, APIs, and model endpoints, simulating adversarial attacks to validate controls.
  • Automate security testing at scale - Develop scripts, tools, and frameworks for continuous security assessment, including SAST, DAST, and SCA integration.
  • Lead application-layer red team exercises - Plan and execute engagements that mimic sophisticated adversary techniques targeting AI systems.
  • Hunt and validate vulnerabilities - Discover, reproduce, and chain vulnerabilities into realistic attack paths, providing actionable remediation guidance.
  • Advise on security architecture - Review designs for weaknesses, create secure patterns, and identify systemic issues across applications.
  • Collaborate across boundaries - Partner with Cloud / Infrastructure on deployment / runtime security, AI Security on threat modeling, and Detection & Response on defensive validation.

    • ☆ Is this you?

    Required Experience

  • 8+ years in application security, with a strong focus on hands-on testing.
  • 5+ years conducting penetration tests and security assessments.
  • Proven record of finding and exploiting critical vulnerabilities.
  • Deep experience integrating security into DevOps workflows and CI / CD pipelines.
  • Strong programming skills for exploit development and security automation.
  • Expertise in web application and API security, including cloud-native architectures.

    • Technical Expertise

  • Proficient with penetration testing tools (e.g., Burp Suite, OWASP ZAP, custom scripts).
  • Skilled in SAST, DAST, and SCA tools.
  • Strong understanding of application-layer attack techniques and exploitation.
  • Experience with supply chain security and build pipeline hardening.

    • Execution & Impact

  • Demonstrated ability to identify vulnerabilities others miss.
  • Proven track record of automating security testing in fast-paced development cycles.
  • Ability to translate red team findings into concrete defensive measures.
  • History of effective collaboration with engineering teams.

    • Preferred Qualifications

  • Background in software development or DevOps.
  • Experience testing AI / ML applications.
  • Security certifications such as OSCP, OSWE, or GWAPT.
  • Published security research or CVEs.
  • Experience with purple team operations.

    • Benefits & perks (US Full-time employees)

  • Generous PTO, plus company holidays
  • Medical, dental, and vision coverage for you and your family
  • Paid parental leave for all parents (12 weeks)
  • Fertility and family planning support
  • Early-detection cancer testing through Galleri
  • Flexible spending account and dependent FSA options
  • Health savings account for eligible plans with company contribution
  • Annual work-life stipends for :

    • Home office setup, cell phone, internet

  • Wellness stipend for gym, massage / chiropractor, personal training, etc.
  • Learning and development stipend
  • Company-wide off-sites and team off-sites
  • Competitive compensation, company stock options and 401k

    • WRITER is an equal-opportunity employer and is committed to diversity. We don't make hiring or employment decisions based on race, color, religion, creed, gender, national origin, age, disability, veteran status, marital status, pregnancy, sex, gender expression or identity, sexual orientation, citizenship, or any other basis protected by applicable local, state or federal law. Under the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.

    By submitting your application on the application page, you acknowledge and agree to WRITER's Global Candidate Privacy Notice.

    Create a job alert for this search

    Application Security Engineer • San Francisco, CA, United States

    Related jobs
    • Promoted
    • New!
    Associate Application Security Engineer

    Associate Application Security Engineer

    PG ForstaEmeryville, CA, United States
    Full-time
    PG Forsta is the leading experience measurement, data analytics, and insights provider for complex industries-a status we earned over decades of deep partnership with clients to help them understan...Show moreLast updated: 19 hours ago
    • Promoted
    Security Engineer, Kuiper Security

    Security Engineer, Kuiper Security

    AmazonSunnyvale, CA, United States
    Permanent
    Project Kuiper is an initiative to launch a constellation of Low Earth Orbit satellites that will provide low-latency, high-speed broadband network connectivity to unserved and underserved communit...Show moreLast updated: 3 days ago
    • Promoted
    Security Engineer- Analyst

    Security Engineer- Analyst

    eTeamSan Jose, CA, United States
    Full-time
    Role : Security Engineer- Analyst.The ideal candidate should have over 5 years of security experience, preferably in the third-party security field. This role will be working directly with business a...Show moreLast updated: 3 days ago
    • Promoted
    Offensive Security Engineer

    Offensive Security Engineer

    METAMenlo Park, CA, United States
    Full-time
    Meta's Offensive Security Group is seeking an experienced Offensive Security Engineer to join our team.As a key member of the team, you will be responsible for executing tactical, offensive assessm...Show moreLast updated: 3 days ago
    • Promoted
    Senior Offensive Security Engineer

    Senior Offensive Security Engineer

    ChimeSan Francisco, CA, United States
    Full-time
    We are seeking a Senior Security Engineer to build and lead our Offensive Security program.In this role, you will attack Chime's services, applications, and infrastructure to discover security issu...Show moreLast updated: 3 days ago
    • Promoted
    Security Engineer, Detection & Incident Response

    Security Engineer, Detection & Incident Response

    Scale AI, Inc.San Francisco, CA, United States
    Full-time
    Security Engineer with a specialty in Detection and Incident Response to join our Security Engineering team.This role is crucial in ensuring the rapid and effective response to digital security inc...Show moreLast updated: 30+ days ago
    • Promoted
    Senior Application Security Engineer (Hybrid - US)

    Senior Application Security Engineer (Hybrid - US)

    Energy SolutionsOakland, CA, United States
    Full-time
    Interested in joining a growing company where you will work with talented colleagues, enhance a supportive and energetic culture, and be part of the climate solution? At Energy Solutions, we focus ...Show moreLast updated: 27 days ago
    • Promoted
    Senior Security Engineer, Application & Platform Security

    Senior Security Engineer, Application & Platform Security

    SentrySan Francisco, CA, United States
    Full-time
    Bad software is everywhere, and we’re tired of it.Sentry is on a mission to help developers write better software faster so we can get back to enjoying technology. With more than $217 million in fun...Show moreLast updated: 15 days ago
    • Promoted
    Offensive Security Engineer

    Offensive Security Engineer

    VeearSunnyvale, CA, United States
    Full-time
    You are a highly skilled Offensive Security Engineer with deep expertise in application security, penetration testing, and exploit development. This role will focus on reviewing source code, identif...Show moreLast updated: 30+ days ago
    • Promoted
    Security Engineer

    Security Engineer

    METAMenlo Park, CA, United States
    Full-time
    Meta), formerly known as Facebook Inc.When Facebook launched in 2004, it changed the way people connect.Apps and services like Messenger, Instagram, and WhatsApp further empowered billions around t...Show moreLast updated: 30+ days ago
    • Promoted
    Principal Cyber Security Engineer

    Principal Cyber Security Engineer

    Cloud Software Group, Inc.San Ramon, CA, United States
    Full-time
    Architectural Leadership : Design, develop, and maintain the comprehensive security architecture for Cloud Software Group's products and corporate infrastructure. Cloud Security Expertise : Lead the s...Show moreLast updated: 22 days ago
    • Promoted
    Security Engineer, Enterprise Security

    Security Engineer, Enterprise Security

    TuroSan Francisco, CA, United States
    Full-time
    Turo is searching for a highly motivated and versatile Security Engineer to spearhead our efforts in securing enterprise systems and data through the design, implementation, and continuous improvem...Show moreLast updated: 30+ days ago
    • Promoted
    Security Engineer

    Security Engineer

    Magic AI Corp.San Francisco, CA, United States
    Full-time
    Magic's mission is to build safe AGI that accelerates humanity's progress on the world's most important problems.We believe the most promising path to safe AGI lies in automating research and code ...Show moreLast updated: 3 days ago
    • Promoted
    Enterprise Security Engineer

    Enterprise Security Engineer

    StravaSan Francisco, CA, United States
    Full-time
    Strava is the app for active people.With over 150 million athletes in more than 185 countries, it’s more than tracking workouts—it’s where connection, motivation, and personal bests thrive.No matte...Show moreLast updated: 30+ days ago
    • Promoted
    Senior Cyber Security Engineer

    Senior Cyber Security Engineer

    Cloud Software Group, Inc.San Ramon, CA, United States
    Full-time
    Analyze and investigate activity on company devices and infrastructure (Public Cloud & on-premise) that could represent a security threat. Work cross-functionally with the Security teams to develop ...Show moreLast updated: 22 days ago
    • Promoted
    Security Engineer - Architecture

    Security Engineer - Architecture

    LambdaSan Francisco, CA, United States
    Full-time
    Lambda, The Superintelligence Cloud, builds Gigawatt-scale AI Factories for Training and Inference.Lambda's mission is to make compute as ubiquitous as electricity and give every person access to a...Show moreLast updated: 3 days ago
    • Promoted
    SoC Security Engineer - Platform Architecture

    SoC Security Engineer - Platform Architecture

    AppleCupertino, CA, United States
    Full-time
    SoC Security Engineer - Platform Architecture.Cupertino, California, United States.Imagine what you could do here! At Apple, new ideas have a way of becoming extraordinary products, services, and c...Show moreLast updated: 3 days ago
    • Promoted
    Senior Offensive Security Engineer - Infrastructure & Cloud (Senior Security Engineer)

    Senior Offensive Security Engineer - Infrastructure & Cloud (Senior Security Engineer)

    IvaluaFremont, CA, United States
    Full-time
    Senior Offensive Security Engineer – Infrastructure & Cloud (Senior Security Engineer).Founded in 2000, Ivalua is a leading global provider of cloud-based procurement solutions.At Ivalua we are a g...Show moreLast updated: 3 days ago
    • Promoted
    Security Engineer, Product Security

    Security Engineer, Product Security

    METAMenlo Park, CA, United States
    Full-time
    Meta), formerly known as Facebook Inc.When Facebook launched in 2004, it changed the way people connect.Apps and services like Messenger, Instagram, and WhatsApp further empowered billions around t...Show moreLast updated: 3 days ago
    • Promoted
    Security Engineer

    Security Engineer

    Cardinal Integrated Technologies, Inc.Santa Clara, CA, United States
    Full-time
    Bachelor's degree in Information Technology or related field.Prior experience in partnering with cross-functional teams to deliver impactful security initiatives. Prior experience working on applica...Show moreLast updated: 3 days ago