Application Security Engineer

Job Description
A buildertype application security engineer who enjoys learning by building real
systems.
Strong programming instincts in Python, Go, Rust, and/or JavaScript, with the ability
to read, write, and reason about production code.
Deep curiosity and passion for AI, LLMs, and agentic systems, with handson
experimentation using tools such as VS Code Agent, Cursor, Windsurf, or similar.
Interest or prior experience in application security, cybersecurity, bug bounty hunting,
or penetration testing, with an attackerminded approach to problem solving.
Strong desire to automate security controls and guardrails through code, pipelines,
and tooling.
Comfortable working in modern cloudnative environments as well as learning from
legacy systems when needed.
Motivated to grow into a deeply technical AppSec and AI systems engineer through
close mentorship.
Job Responsibilities
Development & Enablement
Build application security capabilities as software, embedding controls directly into
developer workflows.
Assist in defining and enforcing secure coding practices for modern, cloudnative,
and AIenabled applications.
Perform handson secure code reviews in Python, Go, Rust, and JavaScript with
direct remediation support.
Help integrate security guardrails into CI/CD pipelines and AIassisted development
environments.
AI & Agentic Systems Security
Design and build agentic AI systems for application security use cases such as code
analysis, threat modeling, and design reviews.
Learn and apply secure design patterns for LLMbacked services, toolusing agents,
and RAG pipelines.
Identify and reason about AIspecific security risks including prompt injection, data
leakage, and overprivileged agents.

Apply attackerstyle thinking to proactively discover abuse paths in AIenabled
systems.
Analysis & Configuration
Assist with application security testing, vulnerability analysis, and remediation
planning.
Participate in threat modeling exercises for distributed systems and AI workflows.
Help analyze and configure security controls across cloud, hybrid, and onprem
environments.
Document findings, patterns, and learnings to contribute to standards and runbooks.
Operational Support
Support production environments and security tooling as part of daytoday
engineering work.
Assist with incident response related to application vulnerabilities or AI system
misuse.
Learn how realworld incidents inform better system design and security controls.
Qualifications
Basic Qualifications
Strong programming ability in Python, Go, Rust, and/or JavaScript.
Understanding of application security fundamentals and common vulnerability
classes.
Experience or exposure to cloudnative environments, APIs, containers, and CI/CD
pipelines.
Curiosity, initiative, and willingness to learn quickly through handson building.
Ability to operate effectively as a contractor with minimal rampup.
Preferred Qualifications
Prior experience in application security, cybersecurity engineering, penetration
testing, or bug bounty hunting.
Experience thinking like an attacker and translating findings into durable engineering
fixes.
Handson experience experimenting with AIassisted development tools.
Familiarity with public cloud platforms such as AWS, Azure, or Google Cloud Platform (Google Cloud Platform a plus).
Interest in longterm growth into a senior AppSec and AI systems engineering role.