Infrastructure & Application Security Engineer

About TraversalTraversal stands at the forefront of AI Site Reliability Engineering (SRE), trusted by leading enterprises globally to troubleshoot, remediate, and preemptively manage complex production incidents. Our mission is to liberate engineers from continuous firefighting, allowing them to channel their talents into innovative, impactful work.With deep roots in AI research, we are committed to establishing the premier AI agent lab for enterprises. Our greatest asset is our team, comprised of exceptionally skilled and kind individuals, including researchers from prestigious institutions such as MIT, Harvard, and Berkeley, alongside world-class engineers from industry leaders like Citadel Securities, Cockroach Labs, Datadog, and more. Together, we tackle one of AI's most challenging problems.The RoleAs an Infrastructure & Application Security Engineer at Traversal, you will be instrumental in constructing our security program from the ground up. This hands-on role is ideal for someone passionate about security, enthusiastic about Kubernetes, and eager to build—transforming risk into automated, measurable, and low-friction guardrails that engineers can leverage daily. You will work at the intersection of Kubernetes security, service-to-service security (including Istio Ambient), and application security for Python APIs within a multi-tenant SaaS environment, collaborating closely across engineering teams with a focus on deploying mechanisms rather than creating presentations.

About the Role Adaptive Security is looking for a Lead Application Security Engineer in NYC. This position shapes how we defend our software against threats, guiding security strategy and execution across our applications. What You Will Do Lead the design and rollout of security measures for software applications Develop and refine security strategies to address emerging risks Work closely with teams to uphold strong security standards Ensure our practices align with industry regulations and compliance requirements What Matters Here Deep experience in application security Ability to guide teams and set technical direction Commitment to both proactive defense and regulatory compliance

Join a Groundbreaking CompanyPalantir is at the forefront of innovation, creating unparalleled software solutions that empower data-driven decisions and optimize operations. Our platforms are instrumental in advancing life-saving medical breakthroughs, predicting supply chain challenges, and locating missing children, among other vital initiatives.Your Impactful RoleAs an Application Security Engineer, you will play a pivotal role in safeguarding critical information for our defense, intelligence, and commercial partners. You will be integral to our Application Security Team, which is dedicated to enhancing developer productivity while ensuring the highest security standards for our software products. The importance of application security is paramount given the sensitive work Palantir undertakes.Your responsibilities will encompass:• Comprehensive Product Security Reviews. Conduct extensive security assessments of our current and future product offerings, including whitebox, greybox, and blackbox evaluations. Collaborate with offensive security teams, engineering groups, and other InfoSec professionals to strengthen our products against sophisticated threats.• Architectural and Design Expertise. Act as the security authority for product architects and engineers, engaging in threat modeling, risk assessment, and the implementation of security controls to mitigate identified risks. You will influence product design to ensure security is embedded from the outset.• Leadership in Strategic Security Initiatives. Take ownership of transformative security projects that have a company-wide impact. Past initiatives have included implementing supply chain security measures, hardware-backed GPG key signing, and developing innovative security services and automation.• Vulnerability Detection and Resolution. Innovate new methods to identify and address security vulnerabilities in our products through static and dynamic analysis, security scanning, and collaboration with our incident response team and bug bounty program.This position offers substantial autonomy, a broad-reaching impact, and the necessary resources to drive significant security enhancements across Palantir.

Join Our Innovative Security TeamAt OpenAI, security is paramount to our mission of ensuring that artificial general intelligence serves the best interests of humanity. Our dedicated Security team safeguards OpenAI’s technology, personnel, and products. We are technical in our solutions and operational in our approach, committed to supporting all aspects of our products and research. Our guiding principles include prioritizing impactful initiatives, empowering our researchers, preparing for future technological advancements, and fostering a robust security culture.Your Role as an Application Security EngineerIn the role of Application Security Engineer, you will play a vital part in identifying and mitigating security vulnerabilities within our software applications. This involves creating security tools, conducting code reviews, performing penetration testing, and executing comprehensive security assessments.We seek individuals who will collaborate closely with development teams to embed secure coding practices throughout the software development lifecycle, preemptively addressing security risks. You will also offer security guidance to developers and stakeholders, promoting a culture of security awareness across the organization.This position is based in New York City, but we also consider candidates for remote work. Our hybrid work model requires three days in the office each week, and we offer relocation assistance for new employees.Key ResponsibilitiesConduct Security Assessments: Regularly perform security assessments, code reviews, and penetration tests to identify vulnerabilities in applications and software.Create and Implement Security Tools: Design and develop security tools, frameworks, and methodologies to defend applications against potential threats.Collaborate with Development Teams: Work hand-in-hand with development teams to ensure security best practices are integrated throughout the software development lifecycle, including secure coding standards.Threat Modeling and Risk Assessment: Carry out threat modeling and risk assessments to proactively identify potential risks and devise effective mitigation strategies.Manage Vulnerabilities: Track, analyze, and manage vulnerabilities within applications, providing guidance and support for remediation efforts.Incident Response Support: Assist in incident response efforts and contribute to the development of incident response protocols.

About RainAt Rain, we are pioneering the future of global payments, creating an innovative infrastructure that enables real-world applications of stablecoins. Our dedicated team comprises passionate builders and seasoned founders committed to revolutionizing how financial transactions occur. We collaborate with fintech companies, neobanks, and institutions to launch solutions that are global, inclusive, and efficient. Join us to make a significant impact in a rapidly growing company backed by leading investors in fintech, crypto, and SaaS.Our EthosWe promote an open and collaborative work environment where every team member can thrive. You will have the opportunity to steer your career path in alignment with your aspirations while contributing to the company's vision.Key ResponsibilitiesAs a Security Engineer specializing in Application Security, you will play a pivotal role in integrating security throughout Rain’s engineering lifecycle and ensuring the delivery of secure, reliable applications:Conduct thorough application security assessments, including vulnerability scanning, code reviews, and threat modeling in collaboration with engineering teams.Work closely with product and development teams to facilitate remediation and assist in understanding and addressing security vulnerabilities effectively.Implement and scale automated security tools across CI/CD pipelines (SAST, DAST, SCA, IaC) to enhance proactive security measures.Create and maintain application security standards, patterns, and protocols that mitigate risk while enabling fast delivery.Lead threat modeling and risk assessments for new features, APIs, and services.Partner with Cloud & Infrastructure Security teams to ensure alignment of security controls and support cloud-native security needs.Assist in incident response for application-level security events, conduct root-cause analysis, and develop mitigation strategies.Contribute to the development of internal training programs to enhance secure coding practices and developer security awareness.Monitor and report on key security metrics, trends, and insights for continuous improvement to leadership.

Are you passionate about safeguarding applications in a dynamic environment? Join us as an Application Security Engineer at Contentful. In this pivotal role, you will leverage your expertise to enhance the security posture of our applications, ensuring that our customers' data remains secure and protected against emerging threats.Your responsibilities will include conducting security assessments, implementing security best practices, and collaborating with development teams to integrate security into the software development lifecycle. We are looking for someone who is not only knowledgeable in application security but also eager to learn and adapt in a fast-paced setting.

Join Palantir Technologies as a Product Infrastructure Security Engineer in New York. In this role, you will play a critical part in securing our infrastructure, ensuring that our products and services maintain the highest standards of security and reliability. You will work with top-tier engineering teams to identify vulnerabilities, implement robust security measures, and contribute to the overall security architecture of our systems.

CLEAR builds secure identity technology for both digital and physical spaces. With more than 38 million members and a growing global partner network, CLEAR’s platform helps people move through airports, stadiums, workplaces, and daily routines with greater safety and ease. Role Overview The Senior Security Engineer on the Infrastructure Security Engineering (ISE) team protects CLEAR’s core platforms. This position focuses on cloud security, identity management, and endpoint controls. The work centers on AWS and Kubernetes environments, using infrastructure-as-code to scale and automate security practices. What You Will Do Strengthen security across AWS and Kubernetes infrastructure Develop and implement security controls using infrastructure-as-code Work closely with Engineering, CorpIT, and Security teams to make security a default part of CLEAR’s systems Location This role is based in New York, New York, United States.

Join dev2 as an Application Security Engineer, where you will play a vital role in safeguarding our applications against security threats. You will collaborate with development teams to integrate security practices into the software development lifecycle and perform security assessments to identify vulnerabilities. Your expertise will help ensure our systems are secure, reliable, and compliant with industry standards.

K Health Careers seeks a Senior Application Security Engineer based in New York, NY. The focus of this role is to strengthen application security and protect user data and privacy across the organization. Key responsibilities Identify and analyze software vulnerabilities, then recommend practical solutions. Collaborate with developers and cross-functional teams to integrate security into every phase of the software development lifecycle. Conduct thorough security assessments and review both application code and system architecture. Advise teams on secure coding practices and support their adoption throughout the company. Lead projects focused on enhancing application security protocols and maintaining high standards. Collaboration and impact This position works closely with engineering and other stakeholders to embed security thinking into daily development. Sharing expertise, guiding teams, and shaping a strong security culture are central to the role.

Role overview modal seeks an Infrastructure Security Engineer based in New York. The position centers on safeguarding digital infrastructure and securing core systems that support daily operations. Key responsibilities Design and apply security controls across infrastructure components Perform risk assessments to spot and address vulnerabilities Monitor compliance with industry regulations and standards Strengthen systems to withstand new and evolving security threats Impact This role plays a direct part in protecting modal’s operations. By reducing risks and supporting secure growth, the Infrastructure Security Engineer helps maintain the safety and integrity of the company’s technology foundation.

Why join usBrex is revolutionizing the way businesses manage their finances with our AI-driven spend platform. We empower companies to make confident spending decisions through integrated corporate cards, banking solutions, and global payment systems, alongside innovative software for travel and expense management. Trusted by thousands of businesses ranging from startups to large enterprises — including DoorDash, Flexport, and Compass — Brex enables proactive spending control, cost reduction, and enhanced efficiency on a global scale.Joining Brex means pushing your boundaries, challenging conventional thinking, and collaborating with some of the brightest minds in the tech industry. We are dedicated to fostering a diverse and inclusive workplace culture, believing that your potential should only be limited by your aspirations. We provide the tools, resources, and support necessary for you to advance your career.Engineering at BrexAt Brex, engineering is all about creating scalable systems with intention and speed. Our teams encompass Software, Data, Security, and IT, operating with high autonomy and deep collaboration. We tackle complex technical challenges, take ownership of our results, and strive for excellence at every stage — from architecture to deployment. Here, engineering is treated as a craft, and builders are nurtured into leaders.Your RoleAs a Senior Application Security Engineer, your primary responsibility will be identifying and addressing security vulnerabilities across the Brex platform. This role involves conducting code reviews, design assessments, penetration testing, and vulnerability management. You will develop and maintain tools for static and dynamic testing of the Brex platform, as well as tools that facilitate secure developer workflows. As part of our broader Financial Scale organization, you will collaborate closely with Security Operations, GRC, Product Security, Front End Platform, and IT Infrastructure teams.We seek candidates with a strong foundation and enthusiasm for penetration testing. You should possess a proven track record of discovering vulnerabilities in complex systems and crafting exploits to demonstrate their business impact. This position is highly collaborative, offering the opportunity to engage with every engineering team at Brex. We value diversity and expect you to thrive in a variety of backgrounds, roles, and needs. Building a world-class financial service requires world-class security.Brex is at the forefront of the next wave of AI-driven financial services for dynamic, high-impact companies like Coinbase, Robinhood, and Anthropic. As we integrate AI throughout our product suite, you will play a pivotal role in shaping and influencing these developments.

At StubHub, we are committed to revolutionizing the global live event experience. Our goal is to ensure that every fan—from first-time attendees to seasoned concert-goers—enjoys a seamless journey from ticket discovery to event entry. We also prioritize our sellers, whether they are individual fans or large-scale promoters, providing a secure and convenient platform for ticket sales to millions of users worldwide.About the Team:Join the StubHub Cloud & Infrastructure Security Engineering team, where we are looking for a seasoned engineer to fortify our security framework in the cloud and infrastructure sectors. The ideal candidate will have a robust background in cloud security architecture, network security, and infrastructure automation, along with knowledge of container and operating system security.

About UsAt Imprint, we are revolutionizing co-branded credit cards and innovative financial products, making them smarter, more rewarding, and truly brand-centric. We collaborate with renowned companies such as Crate & Barrel, Rakuten, Booking.com, H-E-B, Fetch, and Brooks Brothers, to launch cutting-edge credit programs that enhance customer loyalty, offer significant savings, and drive substantial growth. Our advanced platform merges intelligent payment infrastructure with seamless user experiences, enabling brands to provide impactful financial products without the need to become a bank.Co-branded cards represent over $300 billion in annual spending in the U.S., yet many are still reliant on outdated banking systems. Imprint stands out as a modern alternative, characterized by flexibility, advanced technology, and a focus on today’s consumer needs. Supported by top-tier investors such as Kleiner Perkins, Thrive Capital, and Khosla Ventures, we are assembling an exceptional team to transform the landscape of payments and card technology. If you are eager to work in a fast-paced environment, tackle complex challenges, and make a meaningful impact, we invite you to connect with us.Discover more about our journey on Imprint's Technology Blog.Our TeamThe Security Engineering team at Imprint plays a crucial role in safeguarding the trust of our customers, partners, and products. We are dedicated to developing a comprehensive and scalable security program that protects our infrastructure, applications, and data from threats while allowing the company to innovate rapidly and securely. By joining our dynamic FinTech startup, you will significantly influence the future of payment solutions and card technology.Your RoleAs a Senior Application Security Engineer, you will be pivotal in ensuring our products and services are designed with security at their core. You will establish and implement security best practices across our applications, conduct thorough testing, and empower engineering teams to proactively identify and address vulnerabilities.LocationThis hybrid position allows you to work remotely while also spending 2-3 days per week on-site at our offices located in New York City, San Francisco, or Seattle as directed by your manager.Key ResponsibilitiesConduct systematic threat modeling, utilizing frameworks such as MITRE ATT&CK, to identify risks, define attack paths, and propose mitigation strategies early in the development lifecycle.Perform detailed security architecture reviews to ensure that applications and microservices adhere to secure design principles.Collaborate with engineering teams to conduct code reviews, identifying vulnerabilities and ensuring code quality meets security standards.

Join Scale AI as a talented Infrastructure Security Engineer, where you'll play a pivotal role in safeguarding the integrity and security of our platform. This position focuses on securing expansive cloud environments, managing and fortifying various compute clusters, and reviewing infrastructure as code. Your proficiency in cloud security, infrastructure automation, and advanced security practices will be crucial in upholding and advancing our security framework.Your responsibilities include:Securing infrastructure across major cloud hosting platforms (e.g., AWS, Azure, GCP).Implementing and maintaining comprehensive security configurations and policies for cloud environments.Conducting regular security assessments and audits to identify vulnerabilities and propose enhancements.Developing and enforcing security best practices for infrastructure automation and orchestration.Collaborating with Developer Experience, IT, and product teams to integrate security into every phase of the infrastructure lifecycle.Reviewing and securing infrastructure as code (e.g., Terraform, CloudFormation).Mentoring team members on infrastructure security best practices and emerging threats.

About AbridgeFounded in 2018, Abridge is on a mission to enhance understanding within the healthcare sector. Our innovative AI-driven platform is specifically designed for medical dialogues, optimizing clinical documentation while allowing healthcare professionals to prioritize patient care.Our enterprise technology revolutionizes patient-clinician interactions by converting them into structured clinical notes in real-time, boasting deep integrations with Electronic Medical Records (EMRs). With our unique Linked Evidence and auditable AI solutions, we are pioneers in the application of generative AI for healthcare, ensuring that our AI-generated summaries are aligned with ground truth, enabling healthcare providers to trust and verify our outputs swiftly. As trailblazers in the responsible use of AI across health systems, we are setting new industry standards.Our diverse team comprises practicing MDs, AI scientists, PhDs, creatives, technologists, and engineers committed to empowering individuals and enhancing the healthcare experience. We operate from offices in San Francisco's Mission District, New York's SoHo neighborhood, and East Liberty in Pittsburgh.The RoleAre you eager to contribute to the foundational security of cutting-edge AI in global healthcare? We are in search of a highly skilled and motivated Senior or Staff Application Security Engineer to join our burgeoning Security team at Abridge. As one of the pioneering engineers, you will play a pivotal role in directing initiatives that will influence our product, infrastructure, and engineering methodologies. You will have a significant impact on both the vision and practical execution of our secure software development lifecycle (SDLC) across our entire product range. Your responsibilities will involve collaborating with product and engineering teams to seamlessly integrate security, automate security measures, and mentor colleagues in the creation of secure-by-default systems at scale in the AI era. This position demands extensive technical expertise, a builder's mentality, and exceptional communication skills to foster a security-oriented culture throughout the organization.

About WRITERWRITER is at the forefront of AI-driven innovation, empowering leading enterprises to harness the potential of artificial intelligence in their operations. Our mission is to enhance human capabilities through superintelligence. We are making this vision a reality with robust and reliable AI solutions that bridge the gap between IT and business, driving transformative results across organizations. With our comprehensive platform, renowned companies such as Mars, Marriott, Uber, and Vanguard are successfully developing AI agents tailored to their unique data needs, all powered by WRITER's enterprise-grade LLMs. As a company valued at $1.9 billion and supported by prestigious investors like Premji Invest, Radical Ventures, and ICONIQ Growth, WRITER is establishing itself as a dominant force in the realm of generative AI.Founded in 2020 and with headquarters in San Francisco, New York City, Austin, Chicago, and London, our team thrives on innovation and agility. We seek intelligent and dedicated individuals to join us in shaping the future of work through AI. About the RoleIn this pivotal role as a Security Engineer focused on applications at WRITER, you will establish the security framework that safeguards our AI systems, which serve some of the most renowned brands globally. You will collaborate closely with engineering teams, integrating security seamlessly into every line of code while ensuring our platform remains powerful and reliable.This is a unique opportunity to influence the security landscape of enterprise AI applications. You will engage in threat modeling for our LLM architectures and develop automated security controls that scale as our platform expands. Your approach will focus on innovative solutions that enhance security rather than restrict it. You will face challenges that few security engineers encounter, such as securing AI agents, protecting training data pipelines, and designing controls for emerging systems.This position offers flexibility, allowing you to work remotely within the US or in a hybrid capacity from our San Francisco or New York City offices, reporting directly to the head of security engineering.

Join Ramp as a Cloud Security Engineer and be part of a dynamic team dedicated to safeguarding our cloud infrastructure. In this role, you will leverage your expertise to design, implement, and maintain robust security measures that protect our clients' data and ensure compliance with industry standards.

About UsAt Gecko Robotics, we empower critical infrastructure by ensuring its availability, reliability, and sustainability through our innovative solutions. Our cutting-edge technology integrates wall-climbing robots, top-of-the-line sensors, and an AI-driven data platform, offering clients unprecedented insights into the current and future state of their physical assets. This enables real-time decision-making that enhances operational efficiency and safety, promotes mission readiness, and safeguards the environment from potential infrastructure failures.Position OverviewWe are seeking our inaugural dedicated Product Security Engineer to enhance and expand our application security measures at Gecko. In this pivotal role, you will have a significant impact on the security framework of our product as we continue to evolve.This is a hands-on position that requires direct collaboration with engineering teams to establish secure software practices as the default standard. While we have existing tools in place, we need someone who can refine them, automate processes, and minimize manual security tasks.If you thrive on building systems from scratch, addressing tangible challenges, and working closely with product and engineering teams, this role is tailored for you.Key ResponsibilitiesEnhance application security across our products and cloud systems, partnering with engineers to ensure secure software is the norm without hindering productivity.Integrate security checks into CI/CD pipelines to catch potential issues early, while refining existing tools to minimize distractions for engineers.Conduct code and infrastructure reviews to identify and mitigate security vulnerabilities, guiding teams in implementing secure, repeatable patterns.Automate currently manual security tasks, establishing scalable guardrails as the company expands.Collaborate with platform teams to bolster cloud security in AWS or Google Cloud, avoiding common pitfalls.Support the implementation of security controls necessary for SOC 2, ISO, and similar standards as we grow.Technologies We UtilizePython, JavaScript, ReactAmazon Web Services and Google CloudGitHub, GitLab, JenkinsContainers and Infrastructure as Code

Join Our Innovative TeamArch is a rapidly growing Series B financial technology firm that revolutionizes the management of private investments. Our platform enhances accessibility, clarity, and the overall experience for investors across various asset classes.Private investments, including venture capital, hedge funds, and private equity, represent about 25% of the investment landscape. Traditionally, stakeholders such as investors, advisors, and banks rely on cumbersome spreadsheets and disorganized systems, leading to inefficiencies and errors. This is where Arch steps in.Arch offers a unified platform that delivers standardized data, documents, and insights, eliminating the hassle of navigating multiple portals. Our mission is to streamline the investment process, allowing our clients to make informed decisions that result in superior financial outcomes.With a vibrant team of over 200 professionals, we serve more than 400 clients, including some of the largest banks and financial institutions in the United States. As we continue to scale, we are eager to expand our team across all departments.About the PositionWe are on the lookout for a Infrastructure Engineering Manager who possesses a robust background in technology and a passion for infrastructure. The successful candidate will have extensive experience in developing well-architected Cloud-Native applications, playing a vital role in bolstering our expanding engineering team.Your Key Responsibilities:Design, implement, and maintain tools for Continuous Integration/Continuous Deployment (CI/CD) and agile engineering iterations.Develop and manage cloud-native software solutions with a focus on Infrastructure as Code (IaC), automation, and observability.Enhance developer tools to optimize engineering workflows.Collaborate with cross-functional teams to ensure alignment of infrastructure practices with FinOps and budgeting strategies.Qualifications:A minimum of 7 years of experience in infrastructure or systems engineering roles.Proven track record in managing highly reliable and scalable web applications; expertise in site reliability engineering is a must.Demonstrated ability to advocate for best practices in engineering.