Adaptive Security Engineer
Adaptive Security is the fastest-growing company in AI cybersecurity. We started by protecting organizations from AI-powered social engineering - deepfake phone calls, spear phishing, SMS-based threats - and we're now expanding into email security and browser security. Our customers integrate us deeply into their Google Workspace, Microsoft 365, and email infrastructure, and that attack surface is growing fast. We're a security company and our own security posture has to be best in class.
We're looking for an Application Security Engineer to own application security across Adaptive. You need to be a strong enough engineer to work inside our codebase (Java + Spring Boot services, TypeScript + React frontend, and terraform for managing AWS infrastructure) and a strong enough security practitioner to find what others miss. We want someone who finds the vulnerability, opens the PR to fix it, and builds the systems that prevent the next one.
Responsibilities
- Own Adaptive's application security posture end-to-end. Define security standards for our products, infrastructure, and development process and make sure they're followed.
- Conduct security reviews and threat modeling for new features, integrations, and architecture changes. Our attack surface is growing as we add deeper customer integrations and expand internationally.
- Build security into CI/CD. Automate static analysis, dependency scanning, secrets detection, and container security so vulnerabilities are caught before they ship.
- Perform penetration testing against our own applications and infrastructure. Find the bugs before external researchers or attackers do.
- Drive vulnerability management across our application and infrastructure stack. Triage findings from automated tooling, pen tests, prioritize by risk, and push remediation to closure with engineering.
- Lead security incident response process for application-layer events. When something happens, you lead the investigation and remediation.
- Manage our approach to external security testing - bug bounty programs, third-party pen tests, and customer security assessments.
- Own AWS security across our entire cloud architecture IAM hardening, misconfiguration detection, and building the controls that keep our posture clean as the environment grows.
Qualifications
- 5+ years of experience in application security, with demonstrated ability to find and exploit vulnerabilities in web applications and APIs (OWASP Top 10 and beyond).
- Strong software engineering skills. You can read, write, and ship production code in Java, TypeScript, or similar languages.
- Experience with cloud infrastructure security on AWS (IAM, VPC, ECS, S3, RDS, or equivalent services on other providers).
- Hands-on experience with security tooling in CI/CD pipelines - SAST, DAST, SCA, container scanning, or similar.
- Familiarity with compliance frameworks relevant to enterprise SaaS (SOC 2, HIPAA, GDPR) and the ability to translate compliance requirements into engineering work.
- High autonomy. You're building this function from scratch and are expected to set priorities and drive them.
Compensation & Benefits:
- Competitive cash compensation and meaningful stock.
- Several medical plans to choose from, most covered at 100% by Adaptive.
- 401k through Vestwell.
- Unlimited PTO, including winter break from Dec 24 - Jan 1.
- A fantastic office atmosphere including coffee, espresso, lounge, snacks, whiteboards, and tons of conference space.
- Rotating choice of 4 free lunch options from local restaurants every day.
- Expense dinner if you're in the office past 7pm. Expense Uber if you happen to stay past 9pm.
Adaptive Security Engineer
Adaptive Security is the fastest-growing company in AI cybersecurity. We started by protecting organizations from AI-powered social engineering - deepfake phone calls, spear phishing, SMS-based threats - and we're now expanding into email security and browser security. Our customers integrate us deeply into their Google Workspace, Microsoft 365, and email infrastructure, and that attack surface is growing fast. We're a security company and our own security posture has to be best in class.
We're looking for an Application Security Engineer to own application security across Adaptive. You need to be a strong enough engineer to work inside our codebase (Java + Spring Boot services, TypeScript + React frontend, and terraform for managing AWS infrastructure) and a strong enough security practitioner to find what others miss. We want someone who finds the vulnerability, opens the PR to fix it, and builds the systems that prevent the next one.
Responsibilities
- Own Adaptive's application security posture end-to-end. Define security standards for our products, infrastructure, and development process and make sure they're followed.
- Conduct security reviews and threat modeling for new features, integrations, and architecture changes. Our attack surface is growing as we add deeper customer integrations and expand internationally.
- Build security into CI/CD. Automate static analysis, dependency scanning, secrets detection, and container security so vulnerabilities are caught before they ship.
- Perform penetration testing against our own applications and infrastructure. Find the bugs before external researchers or attackers do.
- Drive vulnerability management across our application and infrastructure stack. Triage findings from automated tooling, pen tests, prioritize by risk, and push remediation to closure with engineering.
- Lead security incident response process for application-layer events. When something happens, you lead the investigation and remediation.
- Manage our approach to external security testing - bug bounty programs, third-party pen tests, and customer security assessments.
- Own AWS security across our entire cloud architecture IAM hardening, misconfiguration detection, and building the controls that keep our posture clean as the environment grows.
Qualifications
- 5+ years of experience in application security, with demonstrated ability to find and exploit vulnerabilities in web applications and APIs (OWASP Top 10 and beyond).
- Strong software engineering skills. You can read, write, and ship production code in Java, TypeScript, or similar languages.
- Experience with cloud infrastructure security on AWS (IAM, VPC, ECS, S3, RDS, or equivalent services on other providers).
- Hands-on experience with security tooling in CI/CD pipelines - SAST, DAST, SCA, container scanning, or similar.
- Familiarity with compliance frameworks relevant to enterprise SaaS (SOC 2, HIPAA, GDPR) and the ability to translate compliance requirements into engineering work.
- High autonomy. You're building this function from scratch and are expected to set priorities and drive them.
Compensation & Benefits:
- Competitive cash compensation and meaningful stock.
- Several medical plans to choose from, most covered at 100% by Adaptive.
- 401k through Vestwell.
- Unlimited PTO, including winter break from Dec 24 - Jan 1.
- A fantastic office atmosphere including coffee, espresso, lounge, snacks, whiteboards, and tons of conference space.
- Rotating choice of 4 free lunch options from local restaurants every day.
- Expense dinner if you're in the office past 7pm. Expense Uber if you happen to stay past 9pm.
Government Careers
Government jobs offer stability, competitive benefits, and the chance to make a meaningful impact on your community and country.
Whether you’re starting your career or seeking new opportunities, these roles provide pathways for growth, security, and service.
Explore positions across a wide range of fields and take the first step toward a rewarding future in public service.
MORE JOBS
-
Oracle HCM Security Lead
- San Francisco, California
- Jconnect Infotech
- Jul 01, 2026
-
Strategic Loss Prevention & Security Investigator
- Elk Grove, California
- Fashionunited
- Jul 01, 2026
-
Transportation Security Officer (TSO)
- Longview, Texas
- Phenom People
- Jul 01, 2026
-
Unarmed Security Officer
- Windsor, Connecticut
- Metro One Security
- Jul 01, 2026
-
Retail Security Dispatch Officer
- Las Vegas, Nevada
- Marksman Security
- Jul 01, 2026
-
World Cup Event Security Officer – $27–$30/hr
- Kansas City, Missouri
- Securitas
- Jul 01, 2026