Security Engineer

Security Engineer Hey! We're team Granola 👋 If you haven't already, you should check out what we're building https://www.granola.ai/, and why you should work here https://www.granola.ai/jobs. In this role, you will be responsible for identifying and mitigating security vulnerabilities within Granola's applications, building security tools, and working closely with our development teams to integrate security throughout our software development lifecycle. You'll help establish a robust security culture as we unlock Granola for the next 100x users. IN THIS ROLE, YOU WILL: - Design and implement security features within the Granola app to protect user data and strengthen the product's security posture - Leverage AI-assisted tooling to conduct security assessments, code reviews, threat modeling and penetration testing to identify vulnerabilities in our applications - Work closely with development teams to ensure secure coding practices are integrated throughout the SDLC - Track, analyse, and manage application vulnerabilities, using AI-assisted triage and prioritisation to guide remediation efforts - Support incident response by investigating application-related security incidents - Stay current on the latest security threats, vulnerabilities, and technologies to enhance our security posture YOUR BACKGROUND LOOKS SOMETHING LIKE: - Extensive experience building production software, with hands-on exposure to security-sensitive work (auth, data handling, API design, encryption or similar) and a genuine interest in going deeper into application security - Comfortable with secure coding practices and at least one of: threat modelling, risk assessments, or incident response, with appetite to grow across the rest - Proficiency in programming languages such as TypeScript, Python, or similar - Experience with cloud and cloud security (we use AWS) - Strong communication skills with the ability to explain complex security issues to both technical and non-technical audiences AS A PERSON, YOU… - Are first and foremost a builder who thinks like an attacker - Are excited to work in-person from our office in London (most of the time) - Love working in a startup environment (you either have experience working in a startup or are really drawn to the zero-to-one phase) - Value working with people who are kind, ambitious, and pragmatic - Have a passion for protecting users and building secure systems - Thrive in a fast-paced environment where you can make a direct impact on product security ABOUT THE OPPORTUNITY We are living in the most exciting time for tool builders since Engelbart's demo https://en.wikipedia.org/wiki/The_Mother_of_All_Demos in 1968. We want to assemble the best crew to build this future together, here in London. Our compensation philosophy is to pay slightly above market on salary and above market on equity. We do our best work in person, and so our team spends time together five days per week in our new, bright, and spacious office at Old Street. We are happy to offer relocation assistance to candidates who'll be moving to London to join us. Lastly, we think amazing talent comes from all kinds of life journeys and experiences. If what is written above speaks to you, whether you look like a fit on paper or not, please reach out.