Apply

Ready to go for it?

AI Apply speeds things up—apply directly if you prefer.

FREE ACCESS
5,000–10,000 jobs/day
JobTailor Logo

See all jobs on JobTailor

Search thousands of fresh jobs every day.

Discover
  • Fresh listings
  • Fast filters
  • No subscription required
Create a free account and start exploring right away.
Global Brain Corporation

AI Application Security Engineer

Global Brain Corporation

Security Engineer ensuring application security for AI products at Brain Co. Focusing on secure development practices and protecting sensitive data in regulated environments.

Posted 5/7/2026full-timeSan Francisco • California • 🇺🇸 United StatesMid-LevelSeniorWebsite

Tech Stack

Tools & technologies
SDLC

About the role

Key responsibilities & impact
  • Own secure development practices across our products: AuthN/AuthZ patterns, secrets management, input handling, and secure-by-default standards that engineers can follow without security becoming a bottleneck.
  • Integrate security into the development lifecycle — code review, CI/CD pipelines, and pre-deployment checks — catching risk before it reaches production.
  • Conduct threat modeling across product features and release cycles, translating risk into concrete controls that ship alongside each product.
  • Build and maintain security tooling and automated checks that scale your reach across the codebase — using AI to move faster and cover more ground than manual review alone could.
  • Own the application-layer security model for Brain Co.'s agentic products — how agents are scoped, what they are authorized to do on behalf of users, and where trust boundaries sit between the agent and the external systems it touches.
  • Define secure patterns for how agents integrate with third-party systems and APIs: how credentials are stored and scoped, how responses are validated before being acted on, and how each product limits what agents can do with what they get back.
  • Work directly with product and ML engineers during feature development to define secure agent design patterns: tool scoping, permission boundaries, output validation, and safe handling of user context across multi-step workflows.
  • Build reusable secure-by-default patterns for agent development — design guidelines, review checklists, and code-level guardrails — so that security standards scale as new agent capabilities are built.
  • Produce security artifacts for agent features and product deployments: threat models, architecture reviews, and documentation that supports delivery into regulated customer environments.
  • Define and enforce data protection standards at the application layer — ensuring sensitive customer data (PHI, PII, government records) is handled correctly as it flows through AI pipelines and surfaces in agent outputs.
  • Build safeguards against unauthorized data exposure across our products: access controls, output filtering, and audit logging that make data handling attributable and reviewable.
  • Design secure data handling patterns for AI features operating on regulated data, working with platform and ML teams to ensure the application layer upholds its share of the data protection contract.

Requirements

What you’ll need
  • Have 5+ years of experience in application security or product security, with hands-on experience on production systems at scale.
  • Are a builder first — you write code and ship security tooling, and see embedding security into the engineering workflow as the job, not a side effect of it.
  • Have deep fluency in application security fundamentals: OWASP Top 10, AuthN/AuthZ, secure SDLC, secrets management, secure integration patterns, and cryptography basics.
  • Understand the security surface of agentic AI across the product layer — how agents should be designed, scoped, and reviewed for risk — and can work shoulder-to-shoulder with engineers to build those standards in.
  • Have experience protecting sensitive data at the application layer: access controls, audit logging, and preventing data exposure through third-party integrations and AI-generated outputs.
  • Work AI-natively — you already use AI to write better code, move faster, and do more with less, and you bring that same instinct to security work.
  • Think in attack surfaces and trust boundaries and can move cleanly from threat model to concrete shipped control.
  • Are comfortable working alongside delivery teams shipping into regulated industries, understanding their constraints and translating them into product-level security requirements.
  • Thrive in high-agency environments and want to own and grow the application security function as the company scales.

Benefits

Comp & perks
  • Competitive salary plus equity
  • Daily lunches
  • Commuter benefits
  • 401(k)
  • Medical, Dental, and Vision
  • Unlimited PTO

ATS Keywords

✓ Tailor your resume
Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools
application securityproduct securitysecure SDLCthreat modelingOWASP Top 10AuthN/AuthZsecrets managementcryptographydata protectionaccess controls
Soft Skills
collaborationproblem-solvingcommunicationagilityownershipadaptabilitycritical thinkingattention to detailcreativityleadership