Senior Staff Application Security Engineer

Senior Staff Application Security Engineer

Join Us at Pura—Reimagining Fragrance for the Future

At Pura, we believe life is better when it smells good. Fragrance has the unique power to transform spaces, elevate moods, and create lasting memories. But we know it can do even more. That’s why we’re pioneering the future of fragrance, combining cutting-edge smart home technology with premium, clean scents to create personalized, meaningful experiences in every home.

We’re not just a fragrance company—we’re on a mission to change the way people experience scent. At Pura, we are redefining fragrance as a critical element of design, on par with color, texture, sound, lighting, and furniture. We call this Scent Design—transforming scent from an afterthought into an intentional, skillful component of every space. By blending artistry and science, Pura allows users to design their own “scentscapes” that enhance daily life and craft environments that feel as good as they smell.

Our journey began with two innovators, Richie Stapler and Bruno Lima, and their shared vision of revolutionizing how we experience fragrance. Since then, Pura has grown into a company that sells a fragrance every 3.7 seconds, partnering with iconic brands like Curio, Anthropologie, and Disney. We’ve been recognized as the Fastest Growing Company in Utah, and we are passionate about making scent a core part of life’s most memorable moments.

As a Senior Staff Application Security Engineer, you will be the primary technical authority for our application security program. This is a high-impact leadership role reporting directly to the Director of Security. You will be responsible for securing the entire Pura ecosystem—from our mobile apps and cloud-native backend to our innovative IoT hardware and emerging AI-driven features.

You aren't just finding bugs; you are designing the secure workflows that empower our engineering teams to move fast without breaking our "hard no" policy on security risks.Your role goes beyond simple bug detection; you will architect secure, efficient workflows. This empowers our engineering teams to accelerate development while upholding our commitment to best-in-class policies, recognizing that they are negotiable to align with business needs. Compromise is key to creating the best solutions that allow the business to move fast while still ensuring we have mitigating safety features. You will lead manual code audits, architect security for AI/LLM systems, and proactively hunt for threats that target our unique "Scent Design" platform.

*Open to remote/hybrid candidates

You will help us inspire a belief in the power of fragrance to craft and elevate memorable moments for our Owners. This is your chance to make an impact in a high-growth company that’s redefining the way people experience scent.

What You’ll Own:

• Security Architecture & AI Integration: Lead the design and security review of AI-powered features, ensuring LLM safety (preventing prompt injection, data leakage, and RAG vulnerabilities).
• Secure Workflow Design (DevSecOps): Design and implement "secure-by-default" guardrails and automated security pipelines (SAST, DAST, SCA) that integrate seamlessly into GitHub Actions and CI/CD.
• Advanced Code Auditing: Conduct deep-dive manual source code reviews of complex features, focusing on business logic flaws and authorization issues that automated tools miss.
• Threat Hunting & Research: Lead proactive application-level threat hunting exercises to identify anomalies and indicators of compromise (IOCs) within the Pura cloud and IoT ecosystem.
• Vulnerability Management: Own the end-to-end lifecycle of security findings, from triage and reproduction to partnering with engineering for remediation

Essential Functions:

• Act as a technical mentor and "Security Champion" lead for the engineering organization.
• Perform architectural risk analysis and threat modeling for new product launches.
• Develop custom security tooling and automation scripts to reduce manual toil.
• Stay ahead of the curve on IoT security standards and emerging AI attack vectors.
• Collaborate with the Director of Security to define the AppSec roadmap and track meaningful security metrics.
• Serve as a technical lead during security incidents, conducting root-cause analysis and post-mortem improvements.

Qualifications:

• Experience: 8 years in Application Security or Software Engineering with a heavy security focus. At least 3 years in a Staff or Lead capacity.
• Technical Depth: Expert-level knowledge of web, mobile (iOS/Android), and API security. Deep familiarity with the OWASP Top 10 and SANS Top 25.
• AI Security Expertise: Proven experience securing LLM-based applications and understanding AI-specific risks (OWASP for LLMs).
• Cloud & IoT: Extensive experience with AWS/GCP security and securing IoT device-to-cloud communication.
• Coding Skills: High proficiency in at least one modern language (Node.js, Python, Go) and the ability to perform manual code reviews in a polyglot environment.
• Workflow Mastery: Strong experience with Infrastructure as Code (Terraform), container security (Docker/K8s), and CI/CD automation.
• Communication: Ability to simplify complex security risks for executive leadership while providing actionable, code-level guidance to developers.

We’re passionate about creating spaces that inspire, elevate, and transform everyday life. We believe scent is more than just a pleasant background—it’s an integral part of Scent Design, transforming homes into meaningful, personalized spaces. Our smart home fragrance diffusers allow users to design their own scent experiences with premium, clean fragrances.

After 10 years of innovation, we’ve been recognized by Inc. and Utah Business as one of the best places to work, and we continue to push the boundaries of technology and fragrance. Join us in our pursuit of reimagining what’s possible with scent design.

Pura’s Culture

Our culture is built on a foundation of innovation, collaboration, inclusivity, and being good humans. We believe in fostering an environment where creativity thrives, empowering each team member to contribute their unique perspectives and skills. Our commitment to sustainability and integrity drives our decisions, ensuring that we not only create exceptional products but also contribute positively to our community and the planet. We celebrate diversity and prioritize open communication, cultivating a supportive atmosphere where everyone feels valued and inspired to push boundaries. Together, we’re not just building a brand—we’re creating a movement that redefines the role of fragrance in our lives.

We’re looking for individuals who believe in the power of fragrance and technology to transform lives. If you’re ready to be part of a dynamic, fast-growing company at the forefront of an exciting industry, we’d love to hear from you.

Pura provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws.

*All candidates are subject to a background check.