security
Posted 2 weeks agoApplication Security Engineer
at Oneleet
United StatesRemote
Responsibilities
- - Own the integration, configuration, and output quality of security tooling that powers our platform - Tune outputs to maximize signal and minimize noise — decide what to surface, what to suppress, and what to enrich - Design rules, severity scoring, and triage flows that make findings actionable rather than overwhelming - Build the security judgment layer on top of underlying tooling — context-aware prioritization and exploitability reasoning - Partner with engineers on how findings are
Requirements
- We provide a platform that helps companies build, manage, and monitor their cybersecurity programs and achieve compliance standards such as SOC 2 and ISO 27001 efficiently, without cutting corners.
- experience in security and compliance.
- QUALIFICATIONS: - 5+ years of application security experience, with significant time shipping security products - Strong programming skills in at least one of Go, Python, or TypeScript — this is a product engineering role with security depth, not security operations - Hands-on
- experience tuning security tooling for production use — reducing false positives, building suppression logic, designing severity models - Understanding of vulnerability research, CVE/CWE taxonomies, and exploit reasoning - Has worked through what makes a security finding actually actionable vs. just technically true - Excellent communication skills and comfort working directly with customers - Pragmatic; knows how to build things fast without unnecessarily complicating things -
- experience shipping a security product at a vendor - Contributions to open source security tooling - Offensive security background or OSCP / similar certifications - Hands-on
- experience with LLM agents, tool use, or autonomous AI systems YOU SHOULD APPLY IF ANY OF THE FOLLOWING EXCITE YOU: - Owning the security depth of a product from tooling integration to user-facing findings - Being the security voice in a product team that ships fast and listens to customers - Building on top of best-in-class open source tooling rather than reinventing from scratch - Working directly with security teams using the product and iterating on real-world feedback - Joining a small, scrappy team
- experience demonstrated through the interview process, and relevant education or training.