Software Engineer, Security
Pylon Manufacturing Corp.
San Francisco, United States of America
7 days ago
Role details
Contract type
Permanent contract Employment type
Full-time (> 32 hours) Working hours
Regular working hours Languages
English Experience level
Intermediate Compensation
$ 250KJob location
San Francisco, United States of America
Tech stack
API
Artificial Intelligence
Amazon Web Services (AWS)
Code Review
Software Engineering
Software Vulnerability Management
React
Software Security
Backend
GraphQL
Go
Job description
- Own application and product security across what we've shipped and what's still to come, including threat modeling, secure design reviews, and code review on the areas that matter most like auth and access control.
- Build tooling that scales security past one person: supply chain security, vulnerability management, secure-by-default libraries, and developer-friendly guardrails.
- Run the vulnerability lifecycle end to end (triage, validation, prioritization, remediation) and help mature our bug bounty and disclosure programs.
- Build AI-assisted security workflows, like agents that scan code, propose fixes, and surface real risk, along with the controls that let the rest of the team use coding agents safely.
- Work hands-on with engineers to ship fixes and help them build securely by default, telling the difference between theoretical risk and risk that actually matters so we spend effort where it counts.
- Take projects from customer request through design to ship, and own them the whole way through.
- Help with incident response: triage, investigate, and coordinate the fix.
- Flex into broader infrastructure work as we grow, including the same scaling, reliability, and developer-velocity problems the infra team owns.
Requirements
- You have 3+ years building production software with security at the center of it, or you're a strong infra/backend engineer looking to make security your focus.
- You like to build, not just advise. You're comfortable turning risk into actual engineering work and shipping it.
- You know application security fundamentals well: auth, sessions, APIs, secrets handling, and the common vulnerability classes and how to design them out.
- You've done some mix of vulnerability triage, bug bounty, disclosure, or incident response, and can balance urgency against pragmatism.
- You highly leverage AI for software development and can juggle multiple workstreams at the same time.
- You've worked at startups previously and navigated ambiguous environments.
- You have a growth mindset, want to constantly improve, and want to receive feedback.
- You're in SF or you're willing to relocate, you love working in-person, and you're serious about joining us to build a culture we'll all love
- (Bonus) You have experience with our tech stack (React, Golang, GraphQL, and AWS).
- (Bonus) You have experience with building agentic products in production.
Benefits & conditions
Pulled from the full job description
- Parental leave
- Stock options
- Gym membership
- Unlimited paid time off
- Commuter assistance, The base salary range for this position is $180k - $250k annually.
Compensation may vary outside of this range depending on a number of factors, including a candidate's qualifications, skills, competencies and experience. Base pay is one part of the Total Package that is provided to compensate and recognize employees for their work at Pylon. This role is eligible for stock options, as well as a comprehensive benefits package.
Compensation Range: $180K - $250K
About the company
Currently more than 1500 companies including Linear, Cognition (makers of Devin), Modal Labs, and Incident.io run their support and customer success workflows with Pylon. You'll also find us on the Enterprise Tech 30 List.
Our product has a very large problem space so there's a ton of stuff to build and take ownership of - we'd be excited to get your help as we're hiring several extremely talented software engineers across the stack.