Application Security Engineer

Benefits

Parental leave

Not verified

Non-birth-parent leave

Not verified

Family-building benefits

• Fertility benefits: Not verified
• Adoption assistance: Not verified
• Surrogacy assistance: Not verified

Mental health support

Not verified

Relocation assistance

Not verified

Childcare support

Not verified

Learning budget

Not verified

Verification

Not verified

Salary

Not verified

401(k) match

Not verified

Was this benefit information wrong? Tell us.

Schedule

Shift type

Not verified

Weekend work

Not verified

Application

Cover letter

Not verified

Assessment

Not verified

Deadline

Not stated

Where they hire

State eligibility is not yet verified.

About this role

Application Security Engineer San Francisco, United States, New York City, Seattle About the company Braintrust is the AI observability platform. By connecting evals and observability in one workflow, Braintrust gives builders the visibility to understand how AI behaves in production and the tools to improve it. Teams at Notion, Stripe, Zapier, Vercel, and Ramp use Braintrust to compare models, test prompts, and catch regressions - turning production data into better AI with every release. About the role We're looking for an Application Security Engineer who lives in the code. Braintrust is a real-time, high-availability data platform that runs in both SaaS and self-hosted environments, with open source libraries embedded inside thousands of customer applications and a model proxy in front of OpenAI, Anthropic, Gemini, and other major model providers. This is a hands-on IC role. You'll review code, build threat models, ship paved-road libraries, and lead AI-specific security work: prompt injection, agent sandbox escapes, tool-use abuse, and the new attack surface that comes with LLM-native applications. If you reach for agentic coding tools as your default workflow and can hold your own in a design review with a backend or systems engineer, we'd love to work with you. What you'll do - Drive secure design across the platform: lead threat models for new features, review architecture proposals, and partner with product and backend engineers to ship features that are secure by default - Review code across our TypeScript, Python, and Go services, our open source tracing libraries, and our model

Read the full description at jobs.ashbyhq.com. FewerJobs shows a source-linked preview and links to the original posting.