Why This Job is Featured on The SaaS Jobs
Enterprise SaaS is increasingly defined by AI features shipped as platforms rather than standalone products, and that raises the security bar across APIs, data pipelines, and developer workflows. This application security role sits directly in that shift, focusing on protecting an AI-driven SaaS product used by large organisations. The remit spans classic AppSec concerns and newer risk surfaces introduced by LLM architectures and agentic systems, which is becoming a distinct discipline inside modern SaaS security.
From a SaaS career perspective, the work builds durable leverage: designing controls that scale with CI/CD, shaping secure-by-default patterns for product teams, and translating risk into engineering decisions that preserve delivery velocity. Experience here tends to compound across SaaS companies because it touches recurring problems like multi-tenant exposure, automation of security checks, and security enablement as a platform capability rather than a gate.
The role fits engineers who prefer hands-on building alongside advisory work, and who enjoy partnering with developers instead of operating as a separate audit function. It also suits professionals who want to deepen AppSec fundamentals while developing practical judgement for AI-specific threats, especially in environments where security is expected to influence product direction early.
The section above is editorial commentary from The SaaS Jobs, provided to help SaaS professionals understand the role in a broader industry context.
Job Description
đ About WRITER
WRITER is where the world's leading enterprises orchestrate AI-powered work. Our vision is to expand human capacity through superintelligence. And we're proving it's possible â through powerful, trustworthy AI that unites IT and business teams together to unlock enterprise-wide transformation. With WRITER's end-to-end platform, hundreds of companies like Mars, Marriott, Uber, and Vanguard are building and deploying AI agents that are grounded in their company's data and fueled by WRITER's enterprise-grade LLMs. Valued at $1.9B and backed by industry-leading investors including Premji Invest, Radical Ventures, and ICONIQ Growth, WRITER is rapidly cementing its position as the leader in enterprise generative AI.
Founded in 2020 with office hubs in San Francisco, New York City, Austin, Chicago, and London, our team thinks big and moves fast, and we're looking for smart, hardworking builders and scalers to join us on our journey to create a better future of work with AI.
đ About the role
This is where security meets innovation at enterprise scale. As a security engineer, applications at WRITER, you'll be building the security foundations that protect the AI systems powering some of the world's most recognizable brands. You'll work at the intersection of application security, AI infrastructure, and developer enablementâpartnering with engineering teams to embed security into every line of code while ensuring our platform remains both powerful and trustworthy.
The opportunity is massive: you'll help define how enterprise AI applications are secured, from threat modeling our LLM architectures to building automated security controls that scale across our growing platform. This isn't about saying "no"âit's about finding creative ways to say "yes, and here's how we do it securely." You'll tackle challenges that most security engineers never encounter: securing AI agents, protecting training data pipelines, and designing controls for systems that didn't exist a few years ago.
This role can be remote within the US or hybrid from our San Francisco or New York City offices, reporting to the head of security engineering.
đŚ¸đťââď¸ What you'll do
Build security into the DNA of our AI platform by conducting threat modeling sessions with product teams, designing secure architectures for new features, and ensuring security considerations shape product decisions from day oneânot after the fact
Own and evolve our application security program including establish and maintain SAST/DAST scanning in CI/CD pipelines, conducting security code reviews for critical changes, and building automation that catches vulnerabilities before they reach production
Partner with engineering teams to establish and champion secure coding standards, creating reusable security patterns and libraries that make it easier for developers to build securely by default
Design and recommend security features and products that help secure customer environments. You are the advocate and the vision for how we protect and secure customers..
Integrate and leverage AI agents to help increase velocity for the security team and the overarching engineering org to ensure that we are proactive in minimizing risk while we build products
Lead security assessments and penetration testing of WRITER's applications, AI services, and APIs, identifying vulnerabilities across our tech stack and working collaboratively with teams to remediate issues at scale
Design and implement security controls for protecting data pipelines, model training environments, and customer-facing AI agents
Stay ahead of emerging threats in the AI/ML security landscape, researching attack vectors specific to LLMs and generative AI, and proactively building defenses against novel risks
âď¸ What you need
2+ years of hands-on experience in application security engineering, with a proven track record of securing large-scale production systemsâbonus points if you've worked in fast-growing startups or high-growth environments
Understanding of developer experience and developer workflows for shipping features and products. You care deeply about reducing risk while considering velocity of engineers.
Technical expertise in at least two programming languages (Python, Java, Go, JavaScript/TypeScript) and the ability to read and review code across multiple languages, understanding both business logic and security implications
Knowledge of security tools and methodologies including SAST/DAST solutions, vulnerability management platforms, security testing frameworks, and DevSecOps practicesâyou know which tools to use and when automation beats manual review
Excellent communication skills that allow you to translate complex security concepts into clear recommendations for both technical and non-technical audiencesâyou can explain why something matters and motivate teams to action
A builder's mindset that looks for opportunities to automate, scale, and empower rather than create bottlenecksâyou understand that security enables the business, not blocks it
Alignment with WRITER's values of Connect (building strong relationships across teams), Challenge (pushing the boundaries of what's possible in AI security), and Own (taking end-to-end responsibility for the security of our platform)
đŠ Benefits & perks (UK full-time employees):
Generous PTO, plus company holidays
Comprehensive medical and dental insurance
Paid parental leave for all parents (12 weeks)
Fertility and family planning support
Early-detection cancer testing through Galleri
Competitive pension scheme and company contribution
Annual work-life stipends for:
Wellness stipend for gym, massage/chiropractor, personal training, etc.
Learning and development stipend
Company-wide off-sites and team off-sites
Competitive compensation and company stock options
