Braintrust
Application Security Engineer
San FranciscofulltimemidAdded 2 days ago
About this role
Braintrust seeks an Application Security Engineer to secure their AI observability platform across SaaS and self-hosted deployments. You'll conduct code reviews, design threat models, and lead AI-specific security initiatives like prompt injection and agent sandboxing while building secure-by-default libraries that developers adopt.
What you'll do
- Lead threat modeling and secure design reviews for new platform features
- Review code across TypeScript, Python, Go services and open source libraries
- Build authentication, authorization, RBAC, and data isolation primitives
- Manage SAST, DAST, SCA tooling and triage vulnerability reports
- Develop defenses against prompt injection, model proxy abuse, and agent sandboxing threats
- Use agentic coding workflows for automated code review and exploit prototyping
What they're looking for
- Application or product security (5+ years experience)
- Code writing and review in TypeScript/Node.js, Python, Go, or Rust
- Web and API vulnerability classes and architectural defenses
- Authentication, authorization, multi-tenancy, and secrets management
- High-availability data platforms (Postgres, Redis, AWS)
- AI/LLM security and prompt injection defense
- Agentic coding tools proficiency
- Technical communication and documentation
Benefits
- Medical, dental, and vision insurance
- Daily lunch, snacks, and beverages
- Flexible time off
- Competitive salary and equity
- WiFi and cellphone stipend
Opens the official application on the employer’s site. No login required.