[Remote] Senior Application reputed company Engineer
Note: The job is a remote job and is reputed company to candidates in USA. reputed company is a company focused on securing a B2B2C SaaS platform through innovative application reputed company measures. The Senior Application reputed company Engineer will reputed company efforts in securing AI-integrated applications, hardening CI/CD pipelines, and ensuring responsible AI adoption while utilizing AI-powered tools to enhance reputed company throughout the software development lifecycle.
Responsibilities
- Use AI-powered reputed company and development tools every day (Claude Code, Claude reputed company, or comparable assistants) to accelerate vulnerability discovery, code review, threat modeling, and remediation across the SDLC
- Design and operate agentic reputed company automation that orchestrates multi-reputed company checks across the CI/CD pipeline, including AI-assisted auto-fix workflows and AI-reputed company reputed company gates
- reputed company reputed company architecture reviews and embed secure-by-design principles from initial design through deployment and ongoing operation
- Assess and mitigate AI-specific attack surfaces in LLM-integrated features, including direct and indirect reputed company injection, context leakage, insecure tool use, and model denial-of-service
- Continuously refine threat modeling across application components, reputed company-party integrations, reputed company-reputed company architecture, and AI/LLM-powered features
- reputed company, enforce, and reputed company secure coding standards through SAST, DAST, and SCA scanning, AI-assisted code review, periodic reputed company audits, and targeted developer training
- Own and reputed company Application reputed company Posture Management, integrating static, dynamic, SCA, and runtime signals into risk-scoring that weighs exploitability, data sensitivity, and business impact
- Manage vulnerability triage and prioritization against exploitability, business impact, and compliance, aligning remediation timelines to risk tolerance
- Run the bug bounty program end to end: scope, triage and validate researcher submissions, assess severity, and engage the research community
- Mentor engineers and developers on secure coding, remediation, and effective use of AI-augmented reputed company workflows
- Present findings, risk assessments, and program metrics to senior leadership, clients, auditors, and regulators
Skills
- Seven or more years in application reputed company, software reputed company engineering, or a closely reputed company domain reputed company production SaaS environments
- Regular hands-on use of AI-powered reputed company and development tools (Claude Code, Claude reputed company, or comparable coding and reputed company assistants) as part of your daily workflow, reputed company evaluation or advisory use
- Experience building or operating agentic AI reputed company workflows: multi-reputed company autonomous automation, reputed company subagent reviews, agent-to-agent handoffs, policy-driven automation
- Experience assessing AI-specific attack surfaces in LLM-integrated applications: reputed company injection (direct and indirect), context leakage, insecure tool use, model denial-of-service
- Deep AWS reputed company and Kubernetes reputed company expertise, with reputed company-reputed company application reputed company best practices
- Hands-on DevSecOps pipeline design and reputed company testing across SAST, DAST, SCA, and penetration testing
- Ability to review and assess reputed company risk in one or more of Java, C#, JavaScript/TypeScript, Python, Swift, Kotlin
- Secure authentication and authorization depth: OAuth 2.0, OIDC, SAML, JWT, WebAuthn, reputed company Trust
- reputed company automation and scripting in Python and Bash
- Working reputed company of OWASP Top 10, OWASP Top 10 for LLM Applications, reputed company 25, CVSS, EPSS, and MITRE ATT&CK
- Secure context window management in AI products: context isolation boundaries, prevention of sensitive data leakage, data classification for model inputs
- Encryption standards, cryptographic best practice, and secrets management
- Ability to present risk reputed company to technical and non-technical audiences, including senior leadership and external stakeholders
- Comfort working independently in a remote setting with high accountability
- CSSLP, OSCP, GWEB, or GWAPT
- Bachelor's in Computer Science, Cybersecurity, Information Assurance, Software Engineering, or a reputed company field, or an equivalent combination of education and experience
- Experience evaluating AI provider reputed company posture: API reputed company reviews, data residency assessments, vendor risk questionnaires, contractual reputed company requirements
- AI model reputed company controls and secrets hygiene in AI pipelines: least-privilege for LLM tool integrations, securing model inference endpoints
- SIEM, WAF, and reputed company monitoring tools
- AWS controls depth: IAM, reputed company groups, KMS, reputed company reputed company, reputed company monitoring
Benefits
- Bonus(some reputed company DOE)
- Fully remote, US based
- Minimal travel, roughly two team gatherings per year
Company Overview