WRITER
Security engineer, application security
About This Role
Responsibilities
- Build security into the DNA of our AI platform by conducting threat modeling sessions with product teams, designing secure architectures for new features, and ensuring security considerations shape product decisions from day one—not after the fact
- Own and evolve our application security program, including establishing and maintaining SAST/DAST scanning in CI/CD pipelines, conducting security code reviews for critical changes, and building automation that catches vulnerabilities before they reach production
- Partner with engineering teams to establish and champion secure coding standards, creating reusable security patterns and libraries that make it easier for developers to build securely by default
- Design and recommend security features and products that help secure customer environments. You are the advocate and the vision for how we protect and secure customers
- Integrate and leverage AI agents to help increase velocity for the security team and the overarching engineering org to ensure that we are proactive in minimizing risk while we build products
- Lead security assessments and penetration testing of WRITER's applications, AI services, and APIs, identifying vulnerabilities across our tech stack and working collaboratively with teams to remediate issues at scale
- Design and implement security controls for protecting data pipelines, model training environments, and customer-facing AI agents
- Stay ahead of emerging threats in the AI/ML security landscape, researching attack vectors specific to LLMs and generative AI, and proactively building defenses against novel risks
Requirements
- Minimum 4 years of hands-on experience in application security engineering, with a proven track record of securing large-scale production systems—bonus points if you've worked in fast-growing startups or high-growth environments
- Understanding of developer experience and developer workflows for shipping features and products. You care deeply about reducing risk while considering the velocity of engineers
- Technical expertise in at least two programming languages (Python, Java, Go, JavaScript/TypeScript) and the ability to read and review code across multiple languages, understanding both business logic and security implications
- Knowledge of security tools and methodologies including SAST/DAST solutions, vulnerability management platforms, security testing frameworks, and DevSecOps practices—you know which tools to use and when automation beats manual review
- Excellent communication skills that allow you to translate complex security concepts into clear recommendations for both technical and non-technical audiences—you can explain why something matters and motivate teams to action
- A builder's mindset that looks for opportunities to automate, scale, and empower rather than create bottlenecks—you understand that security enables the business, not blocks it
- Alignment with WRITER's values of Connect (building strong relationships across teams), Challenge (pushing the boundaries of what's possible in AI security), and Own (taking end-to-end responsibility for the security of our platform)
- This role is open to Mid, Sr. and Staff level candidates
About WRITER
Writer Inc. is a generative AI company based in San Francisco, founded in 2020 by May Habib and Waseem AlShikh. The company offers a comprehensive enterprise AI platform that allows businesses to build, deploy, and manage AI agents and workflows using custom large language models (LLMs) and various development tools. Writer focuses on enhancing enterprise-wide AI adoption across multiple sectors, including marketing, sales, finance, and healthcare, by integrating AI with company data for accurate and compliant outputs. The platform features the Palmyra family of LLMs, which includes domain-specific models tailored for healthcare and finance. Key components of the platform include AI Studio for creating custom applications, a Knowledge Graph for connecting business data, and tools for automation and AI supervision. Writer operates on a tiered SaaS model, providing a secure and scalable ecosystem for organizations. The company has raised over $326 million in funding and serves around 250 enterprise customers, including notable names like Uber, Spotify, and L'Oréal.
Security at WRITER
Compiled from public job postings, careers pages, and company materials. Data may not reflect current state — verify during interviews.
Security Philosophy
- Writer views security as a 'velocity multiplier' rather than a blocker, aiming to embed security into every line of code.
- The philosophy centers on 'shifting left,' developer enablement, and maintaining a 'full spectrum' security posture where defenders act as attackers to test resilience.
Security Team
- The security organization is led by Eric Freeman, Chief Information Security Officer (CISO).
- The team includes dedicated Application Security roles, as evidenced by active recruitment for Security Engineers focused on this domain.
- The team's structure emphasizes cross-functional engagement with engineers and staff.
Key Initiatives
- Key initiatives include the integration of AI agents to increase security velocity, establishing SAST/DAST in CI/CD pipelines, and conducting regular purple teaming.
- The team also maintains SOC 2 Type II and ISO certifications and enforces least-privilege access across the platform.