What are the responsibilities and job description for the Senior Application Security Engineer position at ExecutivePlacements.com?
Why join us
Brex is the AI-powered spend platform. We help companies spend with confidence with integrated corporate cards, banking, and global payments, plus intuitive software for travel and expenses. Tens of thousands of companies from startups to enterprises including DoorDash, Flexport, and Compass use Brex to proactively control spend, reduce costs, and increase efficiency on a global scale.
Working at Brex allows you to push your limits, challenge the status quo, and collaborate with some of the brightest minds in the industry. Were committed to building a diverse team and inclusive culture and believe your potential should only be limited by how big you can dream. We make this a reality by empowering you with the tools, resources, and support you need to grow your career.
Engineering at Brex
Engineering at Brex is about building systems that scale with speed and intention. Our teams span Software, Data, Security, and IT, and operate with high autonomy and deep collaboration. We tackle hard technical problems, own our outcomes, and push for excellence at every level from architecture to deployment. Its an environment where engineering is a craft, and builders become leaders.
What Youll Do
As a Senior Application Security Engineer, you will focus on finding and responding to security vulnerabilities across the Brex platform. In this role, you will perform code reviews, design reviews, penetration testing, and vulnerability management. You will develop and maintain tooling to perform static and dynamic testing of the Brex platform and tooling which supports secure developer workflows. Application Security is part of our wider Financial Scale organization, which means you will work closely with Security Operations, GRC, Product Security, Front End Platform, IT Infrastructure teams.
Were looking for individuals with a strong background and interest in penetration testing. You should have a demonstrated ability to find vulnerabilities in complex systems and craft exploits to demonstrate business impact. This role is highly cross functional and collaborative, you will have the opportunity to work with every engineering team across Brex. You should be enthusiastic about working with a variety of backgrounds, roles, and needs. Building a world-class financial service requires world-class security.
Brex is pioneering the next wave of AI-driven financial services for dynamic, high-impact companies like Coinbase, Robinhood, and Anthropic. We're at the early stages of integrating AI across our product suite, this role will have the opportunity to influence and secure the future of AI Security at Brex. You'll be at the forefront of securing our novel AI implementations, identifying attack vectors in agentic-powered features, and partnering with product and engineering teams to build AI capabilities that our customers can trust with their critical financial operations.
Where youll work
This role will be based in our San Francisco office. We are a hybrid environment that combines the energy and connections of being in the office with the benefits and flexibility of working from home. We currently require a minimum of three coordinated days in the office per week, Monday, Wednesday and Thursday. As a perk, we also have up to four weeks per year of fully remote work!
Responsibilities
The expected salary range for this role is $192,000 - $240,000. However, the starting base pay will depend on a number of factors including the candidates location, skills, experience, market demands, and internal pay parity. Depending on the position offered, equity and other forms of compensation may be provided as part of a total compensation package.
Brex is the AI-powered spend platform. We help companies spend with confidence with integrated corporate cards, banking, and global payments, plus intuitive software for travel and expenses. Tens of thousands of companies from startups to enterprises including DoorDash, Flexport, and Compass use Brex to proactively control spend, reduce costs, and increase efficiency on a global scale.
Working at Brex allows you to push your limits, challenge the status quo, and collaborate with some of the brightest minds in the industry. Were committed to building a diverse team and inclusive culture and believe your potential should only be limited by how big you can dream. We make this a reality by empowering you with the tools, resources, and support you need to grow your career.
Engineering at Brex
Engineering at Brex is about building systems that scale with speed and intention. Our teams span Software, Data, Security, and IT, and operate with high autonomy and deep collaboration. We tackle hard technical problems, own our outcomes, and push for excellence at every level from architecture to deployment. Its an environment where engineering is a craft, and builders become leaders.
What Youll Do
As a Senior Application Security Engineer, you will focus on finding and responding to security vulnerabilities across the Brex platform. In this role, you will perform code reviews, design reviews, penetration testing, and vulnerability management. You will develop and maintain tooling to perform static and dynamic testing of the Brex platform and tooling which supports secure developer workflows. Application Security is part of our wider Financial Scale organization, which means you will work closely with Security Operations, GRC, Product Security, Front End Platform, IT Infrastructure teams.
Were looking for individuals with a strong background and interest in penetration testing. You should have a demonstrated ability to find vulnerabilities in complex systems and craft exploits to demonstrate business impact. This role is highly cross functional and collaborative, you will have the opportunity to work with every engineering team across Brex. You should be enthusiastic about working with a variety of backgrounds, roles, and needs. Building a world-class financial service requires world-class security.
Brex is pioneering the next wave of AI-driven financial services for dynamic, high-impact companies like Coinbase, Robinhood, and Anthropic. We're at the early stages of integrating AI across our product suite, this role will have the opportunity to influence and secure the future of AI Security at Brex. You'll be at the forefront of securing our novel AI implementations, identifying attack vectors in agentic-powered features, and partnering with product and engineering teams to build AI capabilities that our customers can trust with their critical financial operations.
Where youll work
This role will be based in our San Francisco office. We are a hybrid environment that combines the energy and connections of being in the office with the benefits and flexibility of working from home. We currently require a minimum of three coordinated days in the office per week, Monday, Wednesday and Thursday. As a perk, we also have up to four weeks per year of fully remote work!
Responsibilities
- Identifying vulnerabilities, demonstrating business impact, and articulating the risk of specific vulnerabilities to drive prioritization efforts
- Perform penetration testing and design reviews, looking for vulnerabilities and insecure designs, work with engineering and product to design secure product features
- Maintain and build internal tools to automate security efforts, perform SAST and DAST testing of the Brex platform, and support secure development practices
- Build and contribute to a culture of collaborative security excellence through technical leadership, learning sessions, and mentorship within the team and wider organization
- 5 years work experience in an Application Security or related role
- Ability to find vulnerabilities in complex systems, demonstrating business impact through custom attack chains
- Experience with a wide range of secure development activities including threat modeling, developer education, and incident response
- Knowledge of Python, scripting languages, and AI/agentic workflows to automate tasks, build tools and improve productivity
- Collaborative mindset paired with strong written and verbal communication skills
- Proficiency with Kotlin, gRPC, GraphQL, Kubernetes
- Previous experience as a software engineer
- Consultancy experience performing web application security reviews
- Experience with securing distributed systems in AWS and cloud environments
- Experience with pentesting and securing agentic features and systems
- Contributions to the wider technical community open source, public research, mentorship, community organizing, blogging, CVEs, presentations, etc
- Experience submitting to bug bounty programs or responsible disclosure programs
The expected salary range for this role is $192,000 - $240,000. However, the starting base pay will depend on a number of factors including the candidates location, skills, experience, market demands, and internal pay parity. Depending on the position offered, equity and other forms of compensation may be provided as part of a total compensation package.
Salary : $192,000 - $240,000
