Application Security Engineer
Brain Trust Inc
Application Security Engineer
Braintrust is the AI observability platform. By connecting evals and observability in one workflow, Braintrust gives builders the visibility to understand how AI behaves in production and the tools to improve it.
Teams at Notion, Stripe, and Vercel use Braintrust to compare models, test prompts, and catch regressions — turning production data into better AI with every release.
We're looking for an Application Security Engineer who lives in the code. Braintrust is a real-time, high-availability data platform that runs in both SaaS and self-hosted environments, with open source libraries embedded inside thousands of customer applications and a model proxy in front of major model providers.
This is a hands-on IC role. You'll review code, build threat models, ship paved-road libraries, and lead AI-specific security work: prompt injection, agent sandbox escapes, tool-use abuse, and the new attack surface that comes with LLM-native applications. If you reach for agentic coding tools as your default workflow and can hold your own in a design review with a backend or systems engineer, we'd love to work with you.
What You'll Do
- Drive secure design across the platform: lead threat models for new features, review architecture proposals, and partner with product and backend engineers to ship features that are secure by default
- Review code across our TypeScript, Python, and Go services, our open source tracing libraries, and our model proxy — and find the bugs others miss
- Build the paved road: authn/authz primitives, RBAC and tenancy isolation patterns, secret handling, safe data pipelines, and sandboxed code execution for user-supplied JavaScript and Python snippets
- Own our SAST, DAST, SCA, and secret-scanning tooling end-to-end, keeping signal-to-noise high enough that engineers actually fix what you ship
- Run our vulnerability management program and triage external bug bounty reports; close the loop with durable fixes, not point patches
- Lead AI-specific security work: prompt injection defenses, model proxy abuse detection, agent and tool-use sandboxing, data-exfiltration controls in multimodal pipelines, and security for the eval workflows our customers run
- Partner with our open source maintainers on the security of libraries that get embedded inside customer applications
- Use agentic coding workflows to scale yourself: automated code review, exploit prototyping, control validation, and IR triage
Ideal Candidate Credentials
- 5+ years in application security, product security, or backend engineering with a security focus — you've shipped real code and reviewed a lot of it
- Strong code reading and writing skills in at least two of TypeScript/Node.js, Python, Go, or Rust
- Deep knowledge of common web and API vulnerability classes and the architectural patterns that prevent them — not just OWASP Top 10 trivia
- Track record of building secure-by-default libraries, frameworks, or services that other engineers actually adopt
- Hands-on experience with authn/authz design, multi-tenant data isolation, and secrets/key management at scale
- Comfortable with the realities of a high-availability data platform: real-time pipelines, ingestion at scale, semi-structured data, Postgres, Redis, AWS
- A clear point of view on AI/LLM security — prompt injection, agent abuse, tool-use sandboxing, model proxy threats — and ideally hands-on experience defending against them
- Daily user of agentic coding tools and excited to push the frontier of how AppSec gets done with them
- Clear communicator who documents decisions, writes tickets engineers want to pick up, and lifts the team's security awareness without becoming a bottleneck
- Bonus: prior experience with LLM red-teaming, agent sandbox research, or shipping security-focused open source libraries
Benefits Include
- Medical, dental, and vision insurance
- Daily lunch, snacks, and beverages
- Flexible time off
- Competitive salary and equity
- Wifi & cellphone stipend
Equal Opportunity
Braintrust is an equal opportunity employer. All applicants will be considered for employment without attention to race, color, religion, sex, sexual orientation, gender identity, national origin, veteran or disability status.
- ...Senior Application Security Engineer Come join our passionate team! Barracuda is a leading cybersecurity company providing complete protection against complex threats. Our platform protects email, data, applications, and networks with innovative solutions, and a managed...SuggestedWorldwideFlexible hours
- ...Job Title Must Have:- • Seeking candidates with solid expertise in manual web application penetration testing and manual secure code review. • Expertise in performing manual test case scenarios is a must. • Identification of vulnerabilities in source codes manually...Suggested
- ...20. Since then, we have issued innovative bitcoin-backed securities and have been the leader in bitcoin treasury companies. This... ...and redefine financial investment. Job Description Application Security Engineer Strategy (Nasdaq: MSTR) * Tysons Corner, VA * Full-...SuggestedFull timeShift work
- ...Location- Hybrid in Memphis, TN, Addison, TX, or McLean, VA. Rate- $80-90/hr . ON W2 As Senior Lead Engineer for Application Security Architecture team, you will work closely with application team to help implement security solutions that are tailored...SuggestedWork experience placement
- Integral Federal, Inc. is seeking an AI-Advanced Technician to provide AI application and infrastructure support for the Defense Nuclear Facilities Safety Board (DNFSB) network. Responsibilities include designing and developing AI applications and implementing machine learning...Suggested
$81k - $130k
...to learn more about Wagstaff? Join us for a virtual tour! Job Summary Primary duties consist of the application of electrical and/or mechanical engineering knowledge to the unique set of circumstances at each customer location, including but not limited to...Contract workWork at officeLocal areaMonday to FridayShift work$180k - $197.5k
...Application Engineer IV – Active TS/SCI with Polygraph required Are you ready to make a meaningful impact with a company that values your technical ambition? Join us and experience a company where your contributions truly make a difference! BS in technical field + 15...Contract workWork experience placementImmediate start- ...VetsEZ is seeking a HealthShare Integration Engineer to join our remote team. The candidate will be able to support an alternative schedule... .... Help in Tier 3 support of the InterSystems HealthShare Application and related technologies. Installation and configuration of...Remote workShift workNight shiftAfternoon shift
- ...Overview VetsEZ is seeking a HealthShare Application Engineer (Remote Opportunity) to join our remote team. The engineer should have experience and knowledge to design, code, test, debug, and document software in a variety of programming languages. The candidate must...Remote work
$133k - $166k
...What You'll Do We are seeking a Senior Application Engineer I to lead the advanced configuration, integration, and optimization... ...vendors, and internal stakeholders to ensure applications are secure, scalable, and fully leveraged to meet complex business needs...WorldwideFlexible hours$105k - $130k
...of government and nonprofit organizations and individuals. Applications Engineer The Applications Engineer is a highly skilled technical position... ...project work with minimal supervision, ensuring stable, secure, and scalable application solutions aligned with business needs...Temporary workWork at officeRemote work$110k - $130k
...Industries Software - Mendix Siemens Digital Industries Software is seeking a highly motivated and technically proficient Application Support Engineer to join our Mendix team. This role is ideal for an individual who demonstrates strong problem‑solving capabilities, a...Work at office- Ansys, Inc. is looking for a skilled engineering professional to join their Customer Excellence team. In this role, you will leverage your expertise with Ansys products to provide technical pre-sales support and help solve customers' engineering problems. You will work...
- A technology and services firm is seeking an experienced IT legal support provider in Washington, DC. The role requires substantial programming expertise and involves developing complex programs for litigation support. Ideal candidates will have at least two years of relevant...
- ...skills and experience managing complex programs in a litigation environment. Responsibilities include developing and maintaining applications, translating requirements, and refining programs to enhance efficiency. The role requires substantial programming experience and...Full time
$74.8k - $130.9k
...Description: Parsons is looking for an amazingly talented Security Systems Design Engineer to join our team! In this role you will get to develop... ...is an equal opportunity employer, and all qualified applicants will receive consideration for employment without regard...Work experience placementWork at officeLocal areaWorldwideFlexible hours- ...Security Systems Design Engineer EMD LLC is looking for a Security Systems Design Engineer to join our team! In this role you will get to develop... ...do their best work. We do not discriminate against any applicant or employee on the basis of race, color, religion, sex (...Work experience placementWork at officeLocal areaWorldwide
- ...Field Application Engineer The Field Application Engineer will serve as the primary technical bridge between our engineering team and customer environments where our product is deployed, including secure facilities. They will support customer operators to manage the...Local area
$103.2k - $203.4k
...Generative Ai Applications Engineer (Agents & Rag) Build AI that matters. We ship production GenAI apps for confidential federal programs across defense, national security, public safety, civilian, and military health where reliability, privacy, and safety aren't optional...$47.85 - $57.85 per hour
...mutually agreeable solutions to close workflow gaps. Involves design, building, testing, and implementation of Epic integration application systems. Works with clinicians to create or adapt written protocols. Resource should able to troubleshoot the issues and provide...Hourly payWork experience placementLive inWork at officeLocal areaFlexible hours- The team is responsible for supporting the sustainment of Applications/Services providing the backend administration and support in the Oracle... ...Management (ALM) Octane Certifications Current Comptia Security + - Must Have Any of the following certifications for 8570 Baseline...
$78.4k - $127k
Responsible for supporting the sustainment of Applications/Services providing the backend administration and support in the Oracle Cloud... ..., systems administration or other IT related field. CompTIA Security+ Candidates should have some experience with ReadyAPI,...Contract workWork at office$55 per hour
Remote - 1st week at client site then remote - can be full time or part time Duration: 2-3 months $55/hr Our client is transitioning from Eloqua to ExactTarget (email marketing systems). They need someone that can build custom code and queries to build out their ExactTarget...Remote jobFull timePart time$124k - $155k
...deployment and ongoing support of cloud services to both internal stakeholders and clients. Ensures mission‑critical federal applications are prepared to handle increased demand, peak usage periods, and high‑volume operational workloads. Responsible for forecasting...Contract workWork experience placementWork at office$143k - $175k
As a Sr. Application Delivery Engineer I, you’ll engineer, administer, and optimize enterprise application delivery and load-balancing solutions... ...systems. What you’ll need to succeed: An active Top Secret security clearance with current or previously held SCI access. A...Full timeWork experience placementLocal areaFlexible hours$75k - $85k
...growing team in Washington, D.C. This role focuses on providing security design consulting services across various project types,... ...field and have 2+ years of experience in the architecture and engineering industry. The compensation for this position ranges from $75,0...- ...is assured, and the free world remains secure. Founded in 2024, Twenty Technologies... ...exceptionally skilled Offensive Cyber Research Engineer for an in-office position in its... ...cybersecurity across network security, application security, secure coding, cryptography, and...Full timeWork at officeWorldwideFlexible hours
- ...Sr. Applications/Systems Sales Engineer As a Sr. Applications/Systems Sales Engineer here at Honeywell, you will serve as a trusted technical advisor... ...subject matter expert supporting Honeywell's physical security portfolio, including LenelS2 OnGuard, NetBox, and...Temporary workFlexible hours
- ...Effective Communication, Customer Focus, and Proactive Safety & Security’ are what every employee needs to know and do to be most... ...Cloud technology, middleware/DB platforms, networking, packaged applications, system integration, or software development. Areas of responsibility...Hourly payPermanent employmentFull timeTemporary workWork experience placementInterim roleLocal areaRemote workRelocationFlexible hours
- ...is assured, and the free world remains secure. Founded in 2024, Twenty Technologies... ...security outcomes. You’ll partner closely with engineering, product, and operations leaders, and... ...employer. We consider all qualified applicants without regard to race, color, religion,...Full timeWork at officeFlexible hours
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to Application Security Engineer. Be the first to apply!
- senior application support engineer Washington DC
- application performance engineer Washington DC
- application support engineer Washington DC
- network applications engineer Washington DC
- field applications engineer Washington DC
- application security engineer Washington DC
- senior application security engineer Washington DC
- technical application engineer Washington DC
- application engineer Washington DC
- project application engineer Washington DC



