Application Security Engineer

SynthesiaCreate AI videos from text with AI video generator. Get the most advanced AI avatars and voiceovers in 130+ languages. Try the free AI video generator today!From your everyday PowerPoint presentations to Hollywood movies, AI will transform the way we create and consume content. Today, people want to watch and listen, not read — both at home and at work. If you’re reading this and nodding, check out our brand video.Despite the clear preference for video, communication and knowledge sharing in the business environment are still dominated by text, largely because high-quality video production remains complex and challenging to scale—until now….Meet SynthesiaWe're on a mission to make video easy for everyone. Born in an AI lab, our AI video communications platform simplifies the entire video production process, making it easy for everyone, regardless of skill level, to create, collaborate, and share high-quality videos. Whether it's for delivering essential training to employees and customers or marketing products and services, Synthesia enables large organizations to communicate and share knowledge through video quickly and efficiently. We’re trusted by leading brands such as Heineken, Zoom, Xerox, McDonald’s and more.In 2023, we were one of 7 European companies to reach unicorn status. In February 2024, G2 named us as the fastest growing company in the world. We’ve raised over $150M in funding from top-tier investors, including Accel, Nvidia, Kleiner Perkins, Google and top founders and operators including Stripe, Datadog, Miro, Webflow, and Facebook.Ethics and AI safety have always been core to our mission, and to translate our commitments into action, we rely on our 3Cs framework: Consent, Control, and Collaboration. Additionally, we are the first AI video company to achieve the new ISO 42001 certificate on AI system management, covering the unique challenges AI poses, such as ethical considerations, transparency, and continuous learning.About the roleAs an Application Security Engineer, you will join a small team of security engineers supporting the Product Engineering and Research and Development (RnD) departments. You’ll work closely with product managers, engineers, and researchers to help shape and ship secure by default product features. Driven and impact-focused, you will take the initiative to communicate effectively with product managers and teams, ensuring alignment and addressing potential issues promptly. As a member of a small team, you’ll also help set the strategy and direction for scaling the company-wide application security program.If you’re passionate about the ethical use of AI, have experience in driving organizational-wide application or product security programs, can dive deep technically with engineers and researchers, and can communicate product risk tradeoffs clearly and with empathy, this is for you.What will you be doing?In this position, you'll be:Building and maintaining partnerships with specific product engineering teams as a reasonable, friendly, and effective security advocate.Leading threat modeling of top engineering priorities with security impact, supporting engineers in reviewing pull requests, weighing in on security impacting implementations, and answering ad-hoc application security questions.Building guidance and implementing secure by default patterns/paved roads.Contributing to improving and scaling our secure software development program.Coordinating penetration testing and bug bounty programs.Supporting our Corporate Security team who oversees general Security Operations on any area overlapping with application security.Who are you?You have 5+ years of application security experience including design level guidance/threat modeling, code review, and application security testing.You have been part of the AppSec team for a fast-growing company and owned driving and scaling the program.You have prior experience in understanding the unique security challenges posed by SaaS products.You can read, and if required even write, production code in Python and Typescript, make iterative improvements, and identify and fix security vulnerabilities.You have a track record of implementing automation in a security context.You have built strong positive relationships with internal customer engineering teams as an application or product security engineer.You have worked with product managers and engineers on balancing risks with product priorities such as velocity and user friction.You have prior experience in understanding cloud security considerations for product engineering teams, particularly within AWS.The good stuff...Attractive compensation (salary + stock options + bonus).A remote-first team and flexible work/life balance culture.The option to join one of our offices in London, Amsterdam, Munich, or Zurich.25 days of annual leave + public holidays.Work in a great company culture with the option to join regular planning and socials at our hubs, and company retreats.Strong opportunities for your career growth. #J-18808-Ljbffr