B
Posted 13 hours ago
Application Security Engineer
BraintrustApplication Security Engineer
Perks & benefits
Medical InsuranceHealth InsuranceVisa
Requirements
5+ years in AppSec or backend engineering, Proficiency in TypeScript, Python, Go, or Rust, Knowledge of web/API vulnerabilities, Experience with authn/authz and multi-tenancy, Familiarity with AWS, Postgres, and Redis, Understanding of LLM security
Skills
TypeScriptPythonGo
About the role
About the Company
Braintrust is the AI observability platform. By connecting evals and observability in one workflow, Braintrust gives builders the visibility to understand how AI behaves in production and the tools to improve it.
Responsibilities
- Drive secure design across the platform by leading threat models and reviewing architecture proposals
- Review code across TypeScript, Python, and Go services, open source tracing libraries, and the model proxy
- Build paved road security primitives including authn/authz, RBAC, tenancy isolation, and secret handling
- Own SAST, DAST, SCA, and secret-scanning tooling end-to-end
- Run the vulnerability management program and triage external bug bounty reports
- Lead AI-specific security work including prompt injection defenses and agent/tool-use sandboxing
- Partner with open source maintainers on the security of embedded libraries
- Use agentic coding workflows to scale automated code review and exploit prototyping
Requirements
- 5+ years in application security, product security, or backend engineering with a security focus
- Strong code reading and writing skills in at least two of TypeScript/Node.js, Python, Go, or Rust
- Deep knowledge of web and API vulnerability classes and architectural prevention patterns
- Track record of building secure-by-default libraries or services
- Hands-on experience with authn/authz design, multi-tenant data isolation, and secrets management
- Familiarity with high-availability data platforms involving Postgres, Redis, and AWS
- Clear point of view on AI/LLM security (prompt injection, agent abuse, etc.)
- Daily user of agentic coding tools
Preferred Qualifications
- Prior experience with LLM red-teaming
- Agent sandbox research experience
- Experience shipping security-focused open source libraries
Benefits
- Medical, dental, and vision insurance
- Daily lunch, snacks, and beverages
- Flexible time off
- Competitive salary and equity
- Wifi & cellphone stipend
ScoutJobs Agent
Get matches like this delivered daily
Sign up free — we'll pull jobs that fit your CV from across the web and rank them for you.
Get started — it's freeApplication Security Engineer
Braintrust · San Francisco
