Staff Application Security Engineer, AI

AI-Focused Staff Application Security Engineer

At ServiceTitan, we are transforming product security into a core part of how engineering delivers software. We are looking for an AI-Focused Staff Application Security Engineer to help define and deliver a secure paved road, creating automated, developer friendly security patterns that enable our 80 plus R&D teams to build securely by default without slowing down innovation.

In this role, you will partner closely with engineering to embed practical guardrails, manage emerging risks like non-human identities and data exposure, and enable teams to move quickly without compromising trust. This is an opportunity to shape the future of application security in an AI first environment, turning security into a core enabler of innovation rather than a constraint.

What you'll do:

• Secure-by-Design Engineering
• Pipeline Automation: Embed security directly into the development pipeline through intelligent prompting and AI driven agents.
• Secure-by-Default Code: Collaborate with Engineering to develop and maintain secure microservice templates and libraries that have security controls built in from the start.
• Supply Chain Protections: Implement controls to secure dependencies, build artifacts, and third party integrations. Partner with engineering to enforce integrity, provenance, and policy checks within build and release workflows.

• AI-Driven Security Testing & Validation
• Automated Scanning: Evaluate, configure, and implement AI agentic tooling to autonomously test our web applications for vulnerabilities.
• Simulation & Validation: Use agentic tooling to run proactive simulations based on emerging threats to validate our defenses in real time.
• Outcome Accountability: Drive adherence to vulnerability remediation SLAs by partnering with engineering teams to track, prioritize, and resolve security issues. Ensure clear ownership, measurable progress, and consistent follow through to reduce risk and maintain accountability.

• AI & Identity Security
• AI Guardrails: Design and implement technical guardrails for AI Coding Agents and Model Context Protocols (MCP) to ensure safe adoption of AI in the development lifecycle.
• AI-Driven Tooling: Help operationalize AI based tooling to act as a "GPS" for developers, tuning the system to provide accurate, on demand threat modeling, design, and development advice.
• Non-Human Identity Management: Partner with engineering to define and implement strategies for managing machine identities across AI systems, including service accounts, API keys, and agent authentication. Enforce least privilege access, credential lifecycle management, and integration with secrets management and CI CD pipelines to reduce risk and prevent misuse.

• Developer Enablement & Security Operations
• Technical "Pit Crew": Act as the AppSec technical expert for the Security Champions Program. While leadership manages the program logistics, you will be the expert answering complex coding questions and guiding Champions on how to fix vulnerabilities.
• Contextual Training: Assist in setting up "Just in Time" training campaigns that trigger micro-trainings when engineers introduce vulnerabilities, allowing them to fix their own code.
• Triage to Automate: Own the initial triage of incoming vulnerability tickets (SAST/SCA). You will use this hands on work to identify the "noise" and pattern match recurring issues, directly informing which guardrails you build next.

What you'll bring:

• Experience: 7-10+ years of experience in Product/Application Security, with a strong background in software engineering.
• Demonstrated AI Expertise: Proven experience at the intersection of AI and security, including securing AI workloads and leveraging AI agents to enhance defensive capabilities.
• Modern AppSec: Experience implementing tools and driving for secure outcomes throughout the Secure Software Development Lifecycle including Threat Modeling, Code Scanning, and Penetration testing.
• Automation Mindset: Proven ability to prompt, script, and automate security tasks. You prefer building a tool to solve a problem over fixing it manually.

Why this role?

Own Outcomes, Not Activity: Your success will be measured by real risk reduction. You will directly influence vulnerability backlog reduction, remediation velocity, and the overall security posture of the organization.

Operate at the Intersection of Engineering and Security: You will work side by side with engineering teams to shape how software is built, secured, and deployed. This role gives you the platform to influence architecture, development practices, and platform level controls.

Lead the Next Evolution of AppSec: You will help define how modern security teams leverage automation and intelligent systems to scale. From secure by design patterns to autonomous testing and remediation, you will be pushing the boundaries of how security is done.

High Ownership, High Leverage: You will have the autonomy to identify problems, design solutions, and implement them end to end. The work you do will scale across teams and services, amplifying your impact well beyond a single application or domain.

Be Human With Us: Being human isn't about checking every box on a list. It's about the experiences we have, people we meet, and the perspectives we share. So, if you have the skills but are hesitant to apply because of your background, apply anyway. We need amazing people like you to help us challenge the conventional and think differently about the problems that we're solving. We're in this together. Come be human, with us.

Use of AI Technology:

We use technology, including automated and AI-assisted tools, to support certain aspects of our recruitment process. These tools are designed to improve efficiency and enhance the candidate experience. AI tools are not used to make hiring decisions; all hiring decisions are made by our hiring teams.

What We Offer:

When you join our team, you're not just accepting a job. You're making a career move. Here's how we'll support you in doing some of the most impactful work of your career:

• Flextime, recognition, and support for autonomous work: Flexible time off with ample learning and development opportunities to continue growing your career. We offer a comprehensive onboarding program, leadership training for Titans at all levels, and other programs and events. Great work is rewarded through Bonusly, peer-nominated awards, and more.
• Holistic health and wellness benefits: Company-paid medical, dental, and vision (with 100% employer paid options and 90% coverage for dependents), FSA and HSA, 401k match, and telehealth options including memberships to One Medical.
• Support for Titans at all stages of life: Parental leave and support, up to $20k in fertility services (i.e. IUI and IVF), surrogacy, and adoption reimbursement, on demand maternity support through Maven Maternity, free breast milk shipping through Maven Milk, pet insurance, legal advisory services, financial planning tools, and more.

At ServiceTitan, we celebrate individuality and uniqueness. We believe that the convergence of fresh perspectives and experiences from all walks of life is what makes our product and culture so great. We strongly encourage people from underrepresented groups to apply. We do not discriminate against employees based on race, color, religion, sex, national origin, gender identity or expression, age, disability, pregnancy (including childbirth, breastfeeding, or related medical condition), genetic information, protected military or veteran status, sexual orientation, or any other characteristic protected by applicable federal, state or local laws.

ServiceTitan is committed to fair and equitable compensation for all of our employees. We thoughtfully consider a wide range of factors when determining individual compensation, which may change over time. We comply with all applicable minimum wage laws. For candidates in the United States, the good faith salary ranges estimate for this role is:

Zone 1: $163,400 USD - $245,000 USD Applicable for: CA, CT, DC, MD, MA, NJ, NY, VA, and WA

Zone 2: $152,600 USD - $229,000 USD Applicable for: All other US locations.

International Compensation for candidates residing outside the United States will vary by location and will be discussed during the hiring process. Actual compensation within a range is determined by factors including relevant experience, skill set, qualifications, and performance. In addition to base salary, our total compensation package includes an annual bonus, equity, and a holistic suite of benefits.