Application Security Engineer

The Role

Are you interested in being part of Application Security efforts at Moveworks? Do you enjoy collaborating closely with engineers to develop secure solutions from the ground up and ensure they remain robust over time? Are you passionate about learning and mitigating risks on LLM and Agentic AI solutions at scale? If so, we have the perfect opportunity for you.

As a Security Engineer at Moveworks, you will focus on securing our AI infrastructure, platform, and features. Reporting directly to the Head of Application Security, you will be responsible for designing, implementing and executing security solutions and practices that enable our engineering teams to build secure infrastructure and features at scale. 

We are working on cutting-edge solutions and safeguards so Large Language Models (LLMs) can be safely deployed in the enterprise. In this role to be successful, you will  partner with machine learning, search, product, infrastructure, data, and full-stack teams to identify, define and build elegant security solutions. You’ll drive design reviews and threat models, lead security code reviews and pentest efforts. You will also triage and address findings from SAST (Static Application Security Testing) and DAST (Dynamic Application Security Testing) scans, as well as reports from our Bug Bounty program. This is an opportunity to play an integral role at the fastest-growing AI startup in its space.

What You Will Do

• Lead Security Reviews: Engage proactively in design discussions and data handling reviews to ensure security is integrated at every stage.
• Execute Penetration Testing:  Carry out targeted penetration tests as part of security reviews for features deemed critical. Identify vulnerabilities and recommend strategies for risk mitigation. Develop and refine testing methodologies to effectively uncover and address security risks.
• Develop and Maintain AppSec Processes and Tools: Ensure our AppSec processes and CI/CD scanning tools are up-to-date and effective in identifying and mitigating vulnerabilities.
• Contribute to Application Security (AppSec) Program Enhancements: Play a key role in the continuous improvement of the Application Security program at Moveworks, focusing on effective security outcomes.
• Collaborate with Cross-Functional Teams: Partner with machine learning, search, product, infrastructure, data, and frontend teams to design secure solutions.
• Empower Teams on Security Matters: Enable teams to make informed security-related decisions.

What You Bring to the Table

• 3+ years of experience in Application Security identifying security risks, developing mitigation plans, and implementing security features and solutions.
• 3+ years of experience in Penetration testing.
• 2+ years of experience with SAST, DAST, dependency scanning and vulnerability management tools like Snyk, GitHub Dependabot, Burp Suite. 
• 2+ years of modern high-level programming language like Python, Golang or equivalent.
• Cloud Infrastructure: Hands-on experience with cloud-native security best practices across AWS, GCP, and/or Azure.
• Technical Knowledge: In-depth knowledge of application security, network security, authentication, authorization, identity systems, encryption,  AI/LLM security and secure coding practices.
• Educational Background: BS+ in computer science or a related field, or equivalent relevant experience.

If you are passionate about application security and excited about the opportunity to make a significant impact at Moveworks, we encourage you to apply. Help us achieve our ambitious goals and maintain a high standard of security as we continue to grow and innovate in the AI space.

Base Salary Compensation Range: $160,000-229,000

*Our compensation package includes a market competitive salary, equity for all full time roles, exceptional benefits, and, for applicable roles, commissions or bonus plans. 
Ultimately, in determining pay, final offers may vary from the amount listed based on geography, the role’s scope and complexity, the candidate’s experience and expertise, and other factors.

Moveworks Is An Equal Opportunity Employer
*Moveworks is proud to be an equal opportunity employer. We provide employment opportunities without regard to age, race, color, ancestry, national origin, religion, disability, sex, gender identity or expression, sexual orientation, veteran status, or any other characteristics protected by law.

Who We Are 

Moveworks is an AI Assistant that helps all employees find information, automate tasks, and be more productive. We give the entire workforce one interface to get answers and take action across every enterprise system. And for developers, we make it easy to build and deploy AI agents that bring the power of Moveworks to every business process or workflow.

It’s all powered by a pioneering Reasoning Engine paired with an Agentic Automation Engine that, together, are able to handle even the most complex requests by understanding queries, then building and executing intelligent plans to fulfill them — in seconds.

Founded in 2016, Moveworks has raised $315M in funding, and eclipsed $100M in ARR in 2024 thanks to our award-winning product and team. Along the way, we’ve earned recognition as a leader in the Forrester Wave for Conversational AI Platforms for Employee Services, as a member of the Forbes Cloud 100 and AI 50 lists, and as one of America’s Most Loved Workplaces according to Newsweek. 

Today, Moveworks has over 500 employees in six offices globally, and is backed by some of the world's most prominent investors including Kleiner Perkins, Lightspeed, Bain Capital Ventures, Sapphire Ventures, Iconiq, and more.

Over 350 leading organizations like Marriott, Databricks, Toyota, CVS Health, and Honeywell trust Moveworks to increase operational efficiency, enhance the employee experience, and drive lasting AI transformation.

Come join one of the most innovative teams on the planet!