The mission of the company is to serve as the technology backbone for strategic competition against peer adversaries, focusing on missions such as intelligence, information operations, special activities, and perception management.
The company has been operational since 2019 and supports a variety of missions across all US service branches, multiple combatant commands, partner nations, and interagency stakeholders.
They provide both hardware and software products to assist personnel on the front lines in areas such as collection, planning/assessments, and effects.
The company has experienced significant growth, increasing from $3M in run-rate revenue in 2021 to $80M today, and has been profitable since 2022, raising $91M in venture capital funding through Series B, with a valuation of $1.5B as of 2025.
As the Founding Application Security Engineer, the individual will be responsible for building the security backbone of the SaaS platform, ensuring rapid and safe feature deployment for customers.
The role involves collaborating with software, DevOps, and platform teams, and coordinating with audit partners to integrate threat modeling, automated SAST/SCA/DAST, and rapid vulnerability response into the software development lifecycle (SDLC).
Key responsibilities include mapping the product attack surface, ranking risks, publishing a 12-month security roadmap, embedding with development teams to run threat models, reviewing critical pull requests, and coaching secure coding practices.
The engineer will help implement and deploy security tools in CI/CD, drive mean time to recovery (MTTR) on priority vulnerabilities to less than 7 days, and support incident response for product issues while providing feedback for improvements.
The role also includes writing customer-facing Product Security white papers and supplying compliance evidence.
Requirements:
A minimum of 5 years of experience in Application or Product Security is required.
The candidate must have the ability to read and write production-quality code.
Hands-on experience in securing web applications and automating application security workflows is essential.
Familiarity with incident response fundamentals, including log triage, forensics, and retrospectives, along with a passion for eliminating root causes, is necessary.
The candidate should be a clear and concise communicator capable of translating risk for engineers, leadership, and customers.
Ideally, the candidate should have experience with AWS, Python, containers, TypeScript, Node.js, Django, PostgreSQL, and Rancher.
Experience in securing large language model (LLM) workflows is considered a significant plus.
Benefits:
The position offers health, dental, and vision insurance.
It is a 100% remote role, allowing employees to work from anywhere in the US.
The company provides 401k matching.
Mental health benefits are included.
A flexible work environment is offered, allowing employees to manage their own workday.
The company reimburses pet and child care expenses during travel.
Employees enjoy unlimited paid time off (PTO).
The salary range for this position is between $160,000 and $210,000, plus equity and 401k match, with individual pay determined by experience, education, and training.
