Mercor
Security Engineer, Application Security
San Francisco or NYC$130k–$400kfulltimemidAdded 2 days ago
About this role
Mercor is seeking an Application Security Engineer to lead security initiatives at the application layer, working closely with development teams to enhance secure coding practices and embed security throughout the software development lifecycle. The role involves hands-on vulnerability management, code reviews, and building security tools that leverage AI technologies within a fast-paced environment.
What you'll do
- Embed security review workflows in the development lifecycle
- Integrate SAST/DAST pipelines into CI/CD processes
- Manage vulnerability prioritization based on exploitability
- Establish secure coding standards for engineers
- Create threat models for new features and architectures
- Oversee the operations of the bug bounty program
What they're looking for
- Experienced in identifying vulnerabilities in production
- Proficient with web application security principles
- Strong coding skills in Python, TypeScript, or Go
- Knowledgeable in SAST/DAST tools like Semgrep and CodeQL
- Familiar with modern web frameworks and APIs
- Experience managing the vulnerability remediation process
- 5+ years in application security or related fields
Benefits
- Bi-annual performance bonuses
- Generous equity grants vested over 4 years
- Relocation assistance up to $15k
- Exposure to cutting-edge AI technologies
- Collaborative in-person work environment
- Ownership of the application security domain
Opens the official application on the employer’s site. No login required.