Application Security Engineer

Who are we?

From your everyday PowerPoint presentations to Hollywood movies, AI will transform the way we create and consume content. Today, people want to watch and listen, not read — both at home and at work. If you’re reading this and nodding, check out our brand video.

Despite the clear preference for video, communication and knowledge sharing in the business environment are still dominated by text, largely because high-quality video production remains complex and challenging to scale—until now….

Meet Synthesia

We're on a mission to make video easy for everyone. Born in an AI lab, our AI video communications platform simplifies the entire video production process, making it easy for everyone, regardless of skill level, to create, collaborate, and share high-quality videos. Whether it's for delivering essential training to employees and customers or marketing products and services, Synthesia enables large organizations to communicate and share knowledge through video quickly and efficiently. We’re trusted by leading brands such as Heineken, Zoom, Xerox, McDonald’s and more. Read stories from happy customers and what 1,200+ people say on G2.

In 2023, we were one of 7 European companies to reach unicorn status. In February 2024, G2 named us as the fastest growing company in the world. We’ve raised over $150M in funding from top-tier investors, including Accel, Nvidia, Kleiner Perkins, Google and top founders and operators including Stripe, Datadog, Miro, Webflow, and Facebook.

Ethics and AI safety have always been core to our mission, and to translate our commitments into action, we rely on our 3Cs framework: Consent, Control, and Collaboration. Read more about this framework, and hear our CEO speak about our goals and challenges in this area. Additionally, we are the first AI video company to achieve the new ISO 42001 certificate on AI system management, covering the unique challenges AI poses, such as ethical considerations, transparency, and continuous learning. 

About the role

As an Application Security Engineer, you will join a small team of security engineers supporting the Product Engineering and Research and Development (RnD) departments. You’ll work closely with product managers, engineers and researchers to help shape and ship secure by default product features. Driven and impact-focused, you will take the initiative to communicate effectively with product managers and teams, ensuring alignment and addressing potential issues promptly. As a member of a small team, you’ll also help set the strategy and direction for scaling the company wide application security program.

If you’re passionate about ethical use of AI, have experience in driving organizational wide application or product security programs, can dive deep technically with engineers and researchers and can communicate product risk tradeoffs clearly and with empathy, this is for you.

This is an opportunity to help actually influence how generative AI products are designed and built with security, ethics and AI safety at the forefront.

What will you be doing?

In this position, you'll be:

• Building and maintaining partnerships with specific product engineering teams, as a reasonable, friendly and effective security advocate
• Leading threat modeling of top engineering priorities with security impact, supporting engineers in reviewing pull requests, weighing in on security impacting implementations, and answering ad-hoc application security questions
• Building guidance and implementing secure by default patterns/paved roads
• Contributing to improving and scaling our secure software development program
• Co-ordinating penetration testing and bug bounty programs 
• Participating in product security incident response
• Supporting our Corporate Security team who oversees general Security Operations on any area overlapping with application security

Who are you?

• You have 5+ years of application security experience including design level guidance/threat modeling, code review and application security testing
• You have been part of the AppSec team for a fast-growing company and owned driving and scaling the program
• You have prior experience in understanding the unique security challenges posed by SaaS products
• You can read, and if required even write, production code in Python and Typescript, make iterative improvements, and identify and fix security vulnerabilities
• You have a track record of implementing automation in a security context
• You have built strong positive relationships with internal customer engineering teams as an application or product security engineer
• You have worked with product managers and engineers on balancing risks with product priorities such as velocity and user friction
• You have prior experience in understanding cloud security considerations for product engineering teams, particularly within AWS

The good stuff...

• Attractive compensation  (salary + stock options + bonus)
• A manger dedicated to upholding their key management tenets 
• A remote first team and flexible work/life balance culture
• The option to join one of our offices in London, Amsterdam, Munich , or Zurich
• 25 days of annual leave + public holidays
• Work in a great company culture with the option to join regular planning and socials at our hubs, and company retreats
• Strong opportunities for your career growth

You can see more about Who we are and How we work here: https://www.synthesia.io/careers