Lead Application Security Engineer

Lead Application Security Engineer

REMOTE (US/ CANADA)

Up to $320K \+ Equity

Tech stack

TypeScript, Go, Cloud: Multi-cloud across AWS, Azure, and GCP

My client is a Series D start up that has raised a $150M Series D at a $2\.75B. They are building the agentic marketing platform of the future, enabling marketers to self-serve audiences, orchestrate journeys, and activate data across channels — all powered by the data warehouse. This year they crossed $100M ARR and are accelerating with a new suite of AI-powered agentic products. Their customer roster includes Ramp, Spotify, Dominos, Headway, and many more.

This is our first dedicated security hire, and it's a rare chance to define the function from the ground up. You'll own our application security posture end-to-end. We have strong engineering fundamentals and a solid foundation; now you'll shape what security looks like here as we scale from 70 to 140\+ engineers.

This is a hands-on, high-autonomy role. You'll spend most of your time in the codebase, not in meetings. You’ll be solving hard problems at the intersection of security and distributed systems: You'll own your roadmap. We're not looking for someone to run a checklist — we're looking for someone who can look at our architecture, identify the highest-leverage problems, and go fix them.

About You

You’ve been an early security hire at a SaaS company before and moved the needle on how they approach security. You can read application code, threat model a distributed system, and ship production fixes. You have significant distributed systems expertise so that you can understand and influence what is being built by the product teams and influence from a place of trust.

Experience that's relevant:

• Being an early security hire (first 1-3) at a SaaS or data infrastructure company
• Securing multi-tenant platforms: tenant isolation, authorization models, etc
• Cloud security on systems that span more than one cloud and operate against customer-owned accounts
• Design and build of data infrastructure as an early engineer, not just a user. You helped secure it from early design or during major redesigns. You understand how it scales and how it’s secured
• Privacy-adjacent security (PII handling, data residency, GDPR/CCPA technical controls)

We don't care about certifications. We care about what you've built.

Requirements:

• 6\+ years of experience as a security engineer with deep knowledge of distributed systems
• Been an early security hire (first 3) at a SaaS product or data infrastructure company
• Must have gone from

Backend software engineer - \> Security engineer

• CS, Math, or Physics degree
• Experience securing systems across multi- cloud and/or multi- region infrastructure
• Securing multi- tenant platforms: tenant isolation, authorization models, etc
• Privacy- adjacent security (PII handling, data residency, GDPR/CCPA technical controls)

Why you should join

• Raised $150M Series D at a $2\.75B valuation backed by Goldman Sachs, Bain Capital Ventures, Amplify Partners, and ICONIQ Capital
• $100M\+ ARR with enterprise customers like Ramp, Spotify, Dominos, and Headway
• Fully remote team
• Highly competitive comp and benefits