Security engineer, application security (UK)
Upload My Resume
Drop here or click to browse · PDF, DOCX, DOC, RTF, TXT
Requirements
• 2+ years of hands-on experience in application security engineering, with a proven track record of securing large-scale production systems—bonus points if you've worked in fast-growing startups or high-growth environments • Understanding of developer experience and developer workflows for shipping features and products. You care deeply about reducing risk while considering velocity of engineers. • Technical expertise in at least two programming languages (Python, Java, Go, JavaScript/TypeScript) and the ability to read and review code across multiple languages, understanding both business logic and security implications • Knowledge of security tools and methodologies including SAST/DAST solutions, vulnerability management platforms, security testing frameworks, and DevSecOps practices—you know which tools to use and when automation beats manual review • Excellent communication skills that allow you to translate complex security concepts into clear recommendations for both technical and non-technical audiences—you can explain why something matters and motivate teams to action • A builder's mindset that looks for opportunities to automate, scale, and empower rather than create bottlenecks—you understand that security enables the business, not blocks it • Alignment with WRITER's values of Connect (building strong relationships across teams), Challenge (pushing the boundaries of what's possible in AI security), and Own (taking end-to-end responsibility for the security of our platform)
Responsibilities
• Conduct threat modeling sessions with product teams to identify potential security risks in AI applications. • Design secure architectures for new features that integrate seamlessly into the existing platform while maintaining high levels of security and trustworthiness. • Ensure security considerations are incorporated from the initial stages of product development, influencing decisions throughout the design process to embed security by default. • Own and evolve the application security program within WRITER's enterprise AI platform, which includes: • - Establishing Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST) scanning in Continuous Integration/Continuous Deployment (CI/CD) pipelines. • - Conducting security code reviews for critical changes to ensure no vulnerabilities are introduced into the production environment. • - Building automated tools that proactively identify and mitigate potential threats before they reach live systems, ensuring continuous protection of AI agents and training data pipelines. • Partner with engineering teams across different offices (San Francisco or New York City) to establish secure coding standards tailored for WRITER's enterprise generative AI platform. This includes creating reusable security patterns and libraries that facilitate the development of secure code by default, making it easier for developers within the organization to maintain high levels of application security without compromising on functionality or performance. • Advocate for customer environments where WRITER's enterprise generative AI is deployed, recommending appropriate security features and products that align with our vision of expanding human capacity through superintelligence while ensuring the safety and integrity of sensitive data within these systems.
Benefits
• Generous PTO, plus company holidays • Comprehensive medical and dental insurance • Paid parental leave for all parents (12 weeks) • Fertility and family planning support • Early-detection cancer testing through Galleri • Competitive pension scheme and company contribution • Annual work-life stipends for: • Wellness stipend for gym, massage/chiropractor, personal training, etc. • Learning and development stipend • Company-wide off-sites and team off-sites • Competitive compensation and company stock options