Security engineer, application security (UK)

About WRITER

WRITER is where the worlds leading enterprises orchestrate AI-powered work. Our vision is to expand human capacity through superintelligence. And were proving its possible through powerful trustworthy AI that unites IT and business teams together to unlock enterprise-wide transformation. With WRITERs end-to-end platform hundreds of companies like Mars Marriott Uber and Vanguard are building and deploying AI agents that are grounded in their companys data and fueled by WRITERs enterprise-grade LLMs. Valued at $1.9B and backed by industry-leading investors including Premji Invest Radical Ventures and ICONIQ Growth WRITER is rapidly cementing its position as the leader in enterprise generative AI.

Founded in 2020 with office hubs in San Francisco New York City Austin Chicago and London our team thinks big and moves fast and were looking for smart hardworking builders and scalers to join us on our journey to create a better future of work with AI.

About the role

This is where security meets innovation at enterprise scale. As a security engineer applications at WRITER youll be building the security foundations that protect the AI systems powering some of the worlds most recognizable brands. Youll work at the intersection of application security AI infrastructure and developer enablementpartnering with engineering teams to embed security into every line of code while ensuring our platform remains both powerful and trustworthy.

The opportunity is massive: youll help define how enterprise AI applications are secured from threat modeling our LLM architectures to building automated security controls that scale across our growing platform. This isnt about saying noits about finding creative ways to say yes and heres how we do it securely. Youll tackle challenges that most security engineers never encounter: securing AI agents protecting training data pipelines and designing controls for systems that didnt exist a few years ago.

This role can be remote within the US or hybrid from our San Francisco or New York City offices reporting to the head of security engineering.

What youll do

• Build security into the DNA of our AI platform by conducting threat modeling sessions with product teams designing secure architectures for new features and ensuring security considerations shape product decisions from day onenot after the fact

• Own and evolve our application security program including establish and maintain SAST/DAST scanning in CI/CD pipelines conducting security code reviews for critical changes and building automation that catches vulnerabilities before they reach production

• Partner with engineering teams to establish and champion secure coding standards creating reusable security patterns and libraries that make it easier for developers to build securely by default

• Design and recommend security features and products that help secure customer environments. You are the advocate and the vision for how we protect and secure customers..

• Integrate and leverage AI agents to help increase velocity for the security team and the overarching engineering org to ensure that we are proactive in minimizing risk while we build products

• Lead security assessments and penetration testing of WRITERs applications AI services and APIs identifying vulnerabilities across our tech stack and working collaboratively with teams to remediate issues at scale

• Design and implement security controls for protecting data pipelines model training environments and customer-facing AI agents

• Stay ahead of emerging threats in the AI/ML security landscape researching attack vectors specific to LLMs and generative AI and proactively building defenses against novel risks

What you need

• 2 years of hands-on experience in application security engineering with a proven track record of securing large-scale production systemsbonus points if youve worked in fast-growing startups or high-growth environments

• Understanding of developer experience and developer workflows for shipping features and products. You care deeply about reducing risk while considering velocity of engineers.

• Technical expertise in at least two programming languages (Python Java Go JavaScript/TypeScript) and the ability to read and review code across multiple languages understanding both business logic and security implications

• Knowledge of security tools and methodologies including SAST/DAST solutions vulnerability management platforms security testing frameworks and DevSecOps practicesyou know which tools to use and when automation beats manual review

• Excellent communication skills that allow you to translate complex security concepts into clear recommendations for both technical and non-technical audiencesyou can explain why something matters and motivate teams to action

• A builders mindset that looks for opportunities to automate scale and empower rather than create bottlenecksyou understand that security enables the business not blocks it

• Alignment with WRITERs values of Connect (building strong relationships across teams) Challenge (pushing the boundaries of whats possible in AI security) and Own (taking end-to-end responsibility for the security of our platform)

  Benefits & perks (UK full-time employees):

  • Generous PTO plus company holidays

  • Comprehensive medical and dental insurance

  • Paid parental leave for all parents (12 weeks)

  • Fertility and family planning support

  • Early-detection cancer testing through Galleri

  • Competitive pension scheme and company contribution

  • Annual work-life stipends for:

    • Wellness stipend for gym massage/chiropractor personal training etc.

    • Learning and development stipend

  • Company-wide off-sites and team off-sites

  • Competitive compensation and company stock options

Required Experience:

IC