Skip to main content

Braintrust

Application Security Engineer

San FranciscofulltimemidAdded 2 days ago

About this role

Braintrust seeks an Application Security Engineer to secure their AI observability platform across SaaS and self-hosted deployments. You'll conduct code reviews, design threat models, and lead AI-specific security initiatives like prompt injection and agent sandboxing while building secure-by-default libraries that developers adopt.

What you'll do

  • Lead threat modeling and secure design reviews for new platform features
  • Review code across TypeScript, Python, Go services and open source libraries
  • Build authentication, authorization, RBAC, and data isolation primitives
  • Manage SAST, DAST, SCA tooling and triage vulnerability reports
  • Develop defenses against prompt injection, model proxy abuse, and agent sandboxing threats
  • Use agentic coding workflows for automated code review and exploit prototyping

What they're looking for

  • Application or product security (5+ years experience)
  • Code writing and review in TypeScript/Node.js, Python, Go, or Rust
  • Web and API vulnerability classes and architectural defenses
  • Authentication, authorization, multi-tenancy, and secrets management
  • High-availability data platforms (Postgres, Redis, AWS)
  • AI/LLM security and prompt injection defense
  • Agentic coding tools proficiency
  • Technical communication and documentation

Benefits

  • Medical, dental, and vision insurance
  • Daily lunch, snacks, and beverages
  • Flexible time off
  • Competitive salary and equity
  • WiFi and cellphone stipend
Apply on the employer's site

Opens the official application on the employer’s site. No login required.