Security Engineer Application Security

You will perform deep low-level application security assessments, analyze code and binaries to find exploitable vulnerabilities, and design automated tools to detect and triage security issues. You will review architectures and threat models, assess platform security boundaries and access controls, communicate actionable findings to engineering teams, and contribute to research and tooling to improve detection and mitigation.

Responsibilities

• Conduct low-level code security assessments
• Analyze vulnerabilities in application and system-level software
• Design and implement custom security tools for automated detection
• Perform architecture reviews and threat modeling
• Assess privilege escalation vectors and platform security controls
• Review access control implementations and inter-process communication
• Engage with clients to provide technical recommendations and remediation guidance
• Contribute to research and develop new security methodologies and tooling
• Document and communicate findings to technical stakeholders

Requirements

• Application security assessment experience
• Manual code review expertise
• Static analysis and dynamic analysis experience
• Binary analysis and reverse engineering experience
• Knowledge of memory corruption vulnerabilities and mitigations
• Understanding of system internals, IPC, and platform security boundaries
• Architecture review and threat modeling experience
• Security tool design and development experience
• Programming proficiency in two or more of Rust, Golang, Kotlin, Swift, Objective-C, JavaScript, TypeScript, Python, Ruby, C, or C++
• Ability to translate complex security findings into clear actionable recommendations
• Experience with Android, iOS, or macOS system internals (nice to have)
• Experience contributing to open source security tools or publishing vulnerability research (nice to have)
• Experience identifying cloud security misconfigurations (AWS, GCP, Azure) (nice to have)
• Experience collaborating on government-funded security research (nice to have)

Benefits

• Performance-based bonuses
• Fully company-paid health insurance
• Dental insurance
• Vision insurance
• Disability insurance
• Life insurance
• 401(k) plan with 5% match
• 20 days paid vacation
• 4 months parental leave
• Up to $10,000 relocation assistance to New York City
• $1,000 working-from-home stipend
• $750 annual learning and development stipend
• Company-sponsored all-team celebrations including travel and accommodation
• Philanthropic contribution matching up to $2,000 annually