Security engineer, application security

📋 Description

• • As a Security Engineer specializing in Application Security at WRITER, you will be at the forefront of safeguarding cutting-edge AI systems that power global enterprises. Your role is pivotal in constructing the foundational security measures that protect our advanced AI technologies, ensuring they remain both robust and trustworthy for some of the world's most recognized brands.
• • You will operate at the dynamic intersection of application security, AI infrastructure, and developer enablement. This involves a close partnership with our engineering teams to seamlessly integrate security principles into every stage of the development lifecycle, from initial design to final deployment, ensuring that security is an inherent part of our platform's architecture.
• • The scope of this opportunity is immense. You will play a key role in defining the best practices for securing enterprise AI applications. This includes conducting comprehensive threat modeling for our sophisticated LLM architectures, developing and implementing automated security controls that can scale effectively across our rapidly expanding platform, and contributing to the overall security strategy for our AI-driven products.
• • This position is not merely about enforcing restrictions; it's about fostering an environment where innovation thrives securely. You will be tasked with finding creative and effective solutions to complex security challenges, enabling the business to move forward confidently while mitigating risks.
• • You will confront unique security challenges that are specific to the rapidly evolving field of AI. This includes securing advanced AI agents, protecting the integrity and confidentiality of sensitive training data pipelines, and architecting security controls for novel systems that are continuously being developed and refined.
• • Your responsibilities will encompass building security directly into the core of our AI platform. This involves proactively engaging with product teams to conduct thorough threat modeling sessions, designing secure architectural patterns for new features, and ensuring that security considerations are integral to product decision-making from the outset, rather than being an afterthought.
• • You will take ownership of and drive the evolution of our application security program. This includes establishing and maintaining robust SAST (Static Application Security Testing) and DAST (Dynamic Application Security Testing) scanning within our CI/CD pipelines, performing meticulous security code reviews for all critical code changes, and developing sophisticated automation to identify and neutralize vulnerabilities before they can impact production environments.
• • A significant aspect of your role will be to collaborate closely with engineering teams. You will work to establish and champion secure coding standards, develop reusable security patterns and libraries, and provide guidance that empowers developers to build secure applications by default, reducing the burden on individual teams.
• • You will be instrumental in designing and recommending innovative security features and products. Your vision and advocacy will be crucial in ensuring that our platform not only meets but exceeds customer expectations for security and data protection within their own environments.
• • You will explore and integrate AI agents to enhance the efficiency and velocity of the security team and the broader engineering organization. The goal is to ensure we are proactively minimizing risk while simultaneously accelerating product development and deployment.
• • Leading security assessments and penetration testing will be a core duty. You will conduct in-depth evaluations of WRITER's applications, AI services, and APIs, systematically identifying vulnerabilities across our entire technology stack and collaborating with relevant teams to implement effective remediation strategies at scale.
• • You will design and implement critical security controls specifically tailored for protecting data pipelines, model training environments, and the customer-facing AI agents that form the core of our offerings.
• • Staying at the forefront of emerging threats within the AI/ML security landscape is paramount. This involves continuous research into novel attack vectors specific to LLMs and generative AI, and proactively developing and deploying defenses against these sophisticated and evolving risks.
• • This role offers a unique opportunity to shape the future of enterprise AI security, working with a talented team in a fast-paced, innovative environment.