Rappi
Senior AI Security Engineer
Full details on LinkedIn
The complete job description, requirements, and application details are available on the original posting.
About Rappi
Rappi is a super app based in Latin America, founded in 2015 in Colombia. It provides on-demand delivery of a wide range of goods and services, financial tools, and travel bookings across nine countries, including Argentina, Brazil, and Mexico. The company aims to accelerate e-commerce and economic development in the region. Rappi has grown significantly since its inception, achieving unicorn status with a valuation exceeding $5 billion and serving over 10 million monthly active users. The app offers various services, including grocery and pharmacy deliveries, food from restaurants, and travel bookings. Rappi also provides financial services such as payment solutions and business intelligence tools for merchants. With a network of bicycle and motorcycle couriers, Rappi ensures rapid delivery, often within an hour. The platform supports both consumers and entrepreneurs, enhancing access to products and services while creating job opportunities and fostering economic growth in Latin America.
Security at Rappi
Compiled from public job postings, careers pages, and company materials. Data may not reflect current state — verify during interviews.
Security Philosophy
- Rappi's AppSec philosophy centers on leading a maturity program and executing a Secure Software Development Lifecycle (SSDLC) roadmap.
- Their mission is to 'Lead the AppSec maturity program and define and execute the Secure Software Development Lifecycle roadmap.' They prioritize developer enablement by training developers in secure coding and design, and by embedding security directly into CI/CD pipelines.
- Their risk philosophy involves owning the application vulnerability management program and guaranteeing compliance with security frameworks regarding product development and the secure supply chain.
- Key goals include overseeing SSDLC tools like SAST and DAST and managing a security champions program.
Security Team
- The Rappi AppSec team includes key public-facing leaders such as Brenda Alejandra López Ávila (Security Information Engineer Lead) and Cristhian Rojas (Cybersecurity Engineer with experience in Red Teaming and AppSec).
- The team size is estimated at approximately 10 security-related profiles based on LinkedIn searches.
- As of April 2026, there are at least two active security-related job postings, including an AppSec Lead and a Senior AI Security Engineer.
- Common skill patterns required for the team include experience with DevSecOps tools, DAST, SAST (specifically Snyk), OWASP LLM Top 10, threat modeling, and cloud environments like AWS, GCP, and Azure.
Key Initiatives
- Active AppSec initiatives at Rappi include a Security Champions program where the AppSec lead selects and trains points of contact across the company.
- They are implementing 'Shift Left' practices by training developers in secure coding and embedding security tools into CI/CD pipelines.
- The team is also focused on defining and executing an SSDLC roadmap.
- A significant recent initiative involves AI security, with active hiring for a Senior AI Security Engineer to focus on LLM threats and AI red teaming.
Preparing for an AppSec interview?
Get the weekly briefing 2,000+ security pros trust.