Why This Job is Featured on The SaaS Jobs
Application security has become a first-order product concern for SaaS companies shipping AI-enabled platforms and developer-facing APIs. This role sits where modern SaaS risk concentrates: securing cloud-native services, CI/CD supply chains, and production features that must be delivered continuously. The remit also reflects a newer reality in SaaS engineering, where AI-assisted and agentic coding increases throughput and changes how guardrails need to be designed.
For a SaaS career, the standout value is building security as an engineering function rather than a review checkpoint. Experience designing secure-by-default patterns, threat modeling evolving architectures, and embedding controls into workflows translates across most subscription software businesses. Work spanning vulnerability prioritisation, platform collaboration, and production hardening also maps well to later paths in platform security, product security leadership, or developer enablement.
This is best suited to an engineer who prefers shipping tools and defaults that other teams adopt, and who is comfortable partnering closely with product and infrastructure groups. It fits someone who enjoys hands-on coding alongside security work, and who is motivated by reducing real-world risk in live SaaS systems rather than producing policy artifacts. Remote delivery with time zone alignment signals a role built around async collaboration with clear technical ownership.
The section above is editorial commentary from The SaaS Jobs, provided to help SaaS professionals understand the role in a broader industry context.
Job Description
About ElevenLabs
ElevenLabs is an AI research and product company transforming how we interact with technology.
We launched in January 2023 with the first human-like AI voice model. Today, we serve millions of users and thousands of businesses - from fast-growing startups to large enterprises like Deutsche Telekom and Meta. Our investors are some of the world's most prominent, including Andreessen Horowitz, ICONIQ Growth and Sequoia. We've raised $781M in funding and our last valuation was $11B - multiples of 11, always.
We have expanded from voice into three main platforms:
ElevenAgents enables businesses to deliver seamless and intelligent customer experiences, with the integrations, testing, monitoring, and reliability necessary to deploy voice and chat agents at scale.
ElevenCreative empowers creators and marketers to generate and edit speech, music, image, and video across 70+ languages.
ElevenAPI gives developers access to our leading AI audio foundational models.
Everything we do is the result of the creativity and commitment of our team - builders doing the best work of their lives. We are researchers, engineers, and operators. IOI medalists and ex-founders. If you want to work hard and create lasting positive impact, we want to hear from you.
How we work
High-velocity: Rapid experimentation, lean autonomous teams, and minimal bureaucracy.
Impact not job titles: We don’t have job titles. Instead, it’s about the impact you have. No task is above or beneath you.
AI first: We use AI to move faster with higher-quality results. We do this across the whole company—from engineering to growth to operations.
Excellence everywhere: Everything we do should match the quality of our AI models.
Global team: We prioritize your talent, not your location.
What we offer
Innovative culture: You’ll be part of a generational opportunity to define the trajectory of AI, surrounded by a team pushing the boundaries of what’s possible.
Growth paths: Joining ElevenLabs means joining a dynamic team with countless opportunities to drive impact - beyond your immediate role and responsibilities.
Learning & development: ElevenLabs proactively supports professional development through an annual discretionary stipend.
Social travel: We also provide an annual discretionary stipend to meet up with colleagues each year, however you choose.
Annual company offsite: Each year, we bring the entire team together in a new location - past offsites have included Croatia and Italy.
Co-working: If you’re not located near one of our main hubs, we offer a monthly co-working stipend.
About the role
We’re looking for an Application Security Engineer to join the ElevenLabs Security team. In this role, you’ll work at the intersection of security and software engineering, building systems and tooling that enable teams to ship secure software at high velocity.
You will:
Design and build application security tooling and guardrails that integrate directly into modern development workflows, including environments that heavily leverage AI-assisted and agentic coding
Partner with Engineering and Infrastructure teams to review application architectures, develop threat models and build in secure by default patterns throughout the software development lifecycle
Identify, prioritise and remediate application security vulnerabilities, working directly with engineers and contributing to fixes where required, across the entire stack.
Ship new security features which directly improve the security posture of our products in production
Design and implement supply chain security controls across build and deployment pipelines, including artefact signing, provenance, dynamic admission controls and SBOM generation
Requirements
Strong software engineering background, with experience building and shipping production systems
Proven track record of building and scaling security programs or developer security tooling from scratch
Fluency in Python and TypeScript with the ability to read, write and maintain production quality code
Hands on experience in cloud-native environments (AWS or GCP), Kubernetes, and infrastructure-as-code (Terraform)
Solid understanding of application security, including discovery, exploitation and remediation. You should understand how to prioritise fixes without relying on CVE scores alone
Experience driving real security improvements through technical design, implementation and secure defaults, rather than through policy or manual review alone
Bonus:
Experience securing AI or Machine Learning systems, including training pipelines
Background in developer experience or platform engineering, especially building developer tooling
Contributions to open source security projects, published research or talks at security conferences
Experience working in regulated environments (SOC 2, ISO27001, PCI, HIPAA or similar)
Location
This role is remote and can be executed globally. However, to facilitate working with the Security Team, we prefer candidates based in GMT to GMT+3 or UK. If you prefer, you can work from our offices in Dublin, London or Warsaw
