
Posted 5 hours ago
Security Engineer, Application Security
MercorSecurity Engineer, Application Security
Perks & benefits
Education AllowanceHealth InsuranceHousing AllowanceRelocation Allowance
Requirements
5+ years experience in AppSec or Software Engineering, Proficiency in Python, TypeScript, or Go, Deep understanding of OWASP Top 10, Experience with SAST/DAST tooling, Experience with vulnerability management
Skills
Application SecurityPythonTypeScript
About the role
About the Company
Mercor's mission is to organize human intelligence to power the AI economy. We partner with leading AI labs and enterprises to provide the human intelligence essential to AI development. Mercor is a profitable Series C company valued at $10 billion.
Responsibilities
- Build security review workflows embedded in the SDLC to catch auth bugs and injection flaws
- Integrate SAST/DAST pipelines into CI/CD to shift security left
- Manage vulnerability processes prioritizing real exploitability
- Establish secure coding standards and guardrails for engineering teams
- Develop threat models for new features, AI data pipelines, and multi-tenant boundaries
- Operate bug bounty programs, including triaging HackerOne reports and driving fixes
Requirements
- 5+ years of professional experience in application security, security engineering, or software engineering
- Proven track record of finding and fixing real vulnerabilities in production applications
- Deep understanding of web application security and OWASP Top 10
- Proficiency in Python, TypeScript, or Go
- Experience building or tuning SAST/DAST tooling (Semgrep, CodeQL, Snyk, Burp, etc.)
- Experience managing a vulnerability pipeline from discovery to remediation
Preferred Qualifications
- Experience running or triaging bug bounty programs (HackerOne, Bugcrowd)
- Offensive security skills and penetration testing experience
- Experience securing AI/ML applications, including prompt injection defense
- Familiarity with supply chain security and dependency scanning
- Experience building custom security tooling or contributing to open source security projects
Benefits
- Bi-annual performance bonus structure
- Generous equity grant vested over 4 years
- Up to $15k Relocation bonus
- $10K housing bonus for residents within 0.5 miles of the office
- $1.5K monthly stipend for meals
- Free Equinox membership
- $200 monthly laundry reimbursement
- $200 monthly personal wellness reimbursement
- Health, Dental, and Vision insurance
ScoutJobs Agent
Get matches like this delivered daily
Sign up free — we'll pull jobs that fit your CV from across the web and rank them for you.
Get started — it's freeSecurity Engineer, Application Security
Mercor · San Francisco
