Posted May 7
Application Security Engineer
at Braintrust
San Francisco, United States (On-site)
Requirements

ABOUT THE COMPANY

Braintrust is the AI observability platform. By connecting evals and observability in one workflow, Braintrust gives builders the visibility to understand how AI behaves in production and the tools to improve it. Teams at Notion, Stripe, Zapier, Vercel, and Ramp use Braintrust to compare models, test prompts, and catch regressions — turning production data into better AI with every release.

Braintrust is a real-time, high-availability data platform that runs in both SaaS and self-hosted environments, with open source libraries embedded inside thousands of customer applications and a model proxy in front of OpenAI, Anthropic, Gemini, and other major model providers.

You'll review code, build threat models, ship paved-road libraries, and lead AI-specific security work: prompt injection, agent sandbox escapes, tool-use abuse, and the new attack surface that comes with LLM-native applications. If you reach for agentic coding tools as your default workflow and can hold your own in a design review with a backend or systems engineer, we'd love to work with you.

WHAT YOU'LL DO

- Drive secure design across the platform: lead threat models for new features, review architecture proposals, and partner with product and backend engineers to ship features that are secure by default
- Review code across our TypeScript, Python, and Go services, our open source tracing libraries, and our model proxy — and find the bugs others miss
- Build the paved road: authn/authz primitives, RBAC and tenancy isolation patterns, secret handling, safe data pipelines, and sandboxed code

- experience with authn/authz design, multi-tenant data isolation, and secrets/key management at scale
- Comfortable with the realities of a high-availability data platform: real-time pipelines, ingestion at scale, semi-structured data, Postgres, Redis, AWS
- A clear point of view on AI/LLM security — prompt injection, agent abuse, tool-use sandboxing, model proxy threats — and ideally hands-on experience defending against them
- Daily user of agentic coding tools and excited to push the frontier of how AppSec gets done with them
- Clear communicator who documents decisions, writes tickets engineers want to pick up, and lifts the team's security awareness without becoming a bottleneck
- Bonus: prior experience with LLM red-teaming, agent sandbox research, or shipping security-focused open source libraries