Skip to main content

Mercor

Security Engineer, Application Security

San Francisco or NYC$130k–$400kfulltimemidAdded 2 days ago

About this role

Mercor is seeking an Application Security Engineer to lead security initiatives at the application layer, working closely with development teams to enhance secure coding practices and embed security throughout the software development lifecycle. The role involves hands-on vulnerability management, code reviews, and building security tools that leverage AI technologies within a fast-paced environment.

What you'll do

  • Embed security review workflows in the development lifecycle
  • Integrate SAST/DAST pipelines into CI/CD processes
  • Manage vulnerability prioritization based on exploitability
  • Establish secure coding standards for engineers
  • Create threat models for new features and architectures
  • Oversee the operations of the bug bounty program

What they're looking for

  • Experienced in identifying vulnerabilities in production
  • Proficient with web application security principles
  • Strong coding skills in Python, TypeScript, or Go
  • Knowledgeable in SAST/DAST tools like Semgrep and CodeQL
  • Familiar with modern web frameworks and APIs
  • Experience managing the vulnerability remediation process
  • 5+ years in application security or related fields

Benefits

  • Bi-annual performance bonuses
  • Generous equity grants vested over 4 years
  • Relocation assistance up to $15k
  • Exposure to cutting-edge AI technologies
  • Collaborative in-person work environment
  • Ownership of the application security domain
Apply on the employer's site

Opens the official application on the employer’s site. No login required.