Product Security Engineer (Founding team) in London

Aglide's browser agent platform is trusted by household-name fintechs and global enterprises to automate and secure the applications their employees depend on most. We’ve raised over $3.5M to go after this problem, and every day our platform is running thousands of mission-critical workflows.

Our founding engineers take on high-ownership roles, working directly with customers to invent new ways to securely and reliably automate web tasks - shaping product direction and building the core infrastructure for a category that’s still being invented.

Aglide combines an on-device browser agent and a browser extension to autonomously run web-based tasks inside our customers’ work applications. Today, it’s used for two key workflows:

• User login: Automating user sign-in to work accounts to give security teams visibility and policy enforcement.
• Lifecycle: Completing admin tasks inside applications (e.g., creating users) to save time, reduce human error, and tighten access control.

Our platform lets non-technical users configure these workflows for any application. We are working with companies ranging from decacorn financial services scale-ups to public insurance companies. Their employees depend on Aglide to access mission-critical applications - from everyday SaaS tools to corporate bank accounts; while their security teams count on it to maintain compliance and defend against attackers - including, at times, state-sponsored threats.

• End-to-end encrypted infrastructure: Owning and evolving the systems that keep sensitive customer data secure — across our backend, on-device environment, and browser extension.
• Security architecture and threat modelling: Identifying vulnerabilities across the stack and designing systems that are resilient against real-world attack vectors, including those from sophisticated and state-sponsored actors.
• Compliance and audit tooling: Building the internal controls and logging infrastructure that support SOC 2 and other compliance frameworks our enterprise customers require.
• Platform controls and analytics: Giving customers more visibility and control over how their automations run — and giving our team the observability to detect and respond to anomalies.
• Secure product features: Contributing full-stack across our dashboard, desktop app, and backend to ship features that embed security into the product experience, not just the infrastructure.

• Independently and confidently: You’ll have significant ownership and autonomy - meaningfully shaping our priorities through the roadmap you influence and the problems you choose to solve.
• Inventing the playbook: We’re one of the few companies running browser-using agents for mission-critical work - and that comes with novel security challenges. You’ll help us maintain the reputation we have for our commitment to security in every product decision.
• Across the stack: You’ll ship by contributing across everything - the dashboard, desktop app, backend services, and IaC configurations - with a security lens at every layer.
• With high commitment: You’ll go from problem identified to solution shipped in days, even if it means working long nights and weekends.

• 3+ years software experience: Looking for people who have built production software for real users, with meaningful exposure to security-sensitive environments.
• Strong security fundamentals: A deep understanding of applied cryptography, zero-trust principles, secure software development, and common vulnerability classes (e.g. OWASP Top 10).
• Excellent debugging and systems thinking: Browser automation is messy, and our workflows run on end-user devices with end-to-end encrypted data - tracing a security issue requires understanding the whole system.
• Desire for ownership: One engineer is responsible end-to-end - meeting a customer, diagnosing issues, designing a fix, and shipping to production (sometimes within a week).

• Experience with our stack: TypeScript, Postgres, Electron (macOS/Windows/Linux), web automation, and browser extensions.
• Security experience: Building secure systems; comfort with zero-trust concepts and end-to-end encryption.
• Identity/SSO exposure: Familiarity with products like Okta, 1Password, Entra ID, JAMF, or similar tools used by IT and security teams.
• Compliance experience: Hands-on work with SOC 2, ISO 27001, or enterprise security review processes.
• Secure AI systems: Experience thinking critically about data security in the context of AI — including how to leverage cutting-edge AI capabilities without compromising the confidentiality of sensitive customer data.
• Penetration testing or red teaming: Offensive security experience that informs how you build defensively.

• Competitive salary and generous equity: We want you to have a meaningful share of the billion-dollar company we are building.
• Central Office: Work in our London Shoreditch office, or SF office.
• Private medical and dental insurance.
• Socials & Offsites: Frequent dinners and events, and an annual international offsite.
• Annual learning and development budget.
• Unlimited PTO: We’ll make sure you take enough time off to sustain the intensity and commitment the role demands.
• Relocation or Travel: We have offices in SF and London, and are keen for the team to travel between offices, or even relocate.

Our commitment to inclusion: Before founding Aglide, Oliver and I helped establish an organisation dedicated to encouraging people from disadvantaged and underrepresented communities to pursue careers in engineering. When we founded Aglide, we wanted to carry that commitment forward by actively working to create inclusive career opportunities. We are proud that everyone who has joined Aglide shares this commitment and is holding us accountable to it. Aglide is an equal opportunity employer and does not discriminate on the basis of race, colour, religion, gender, national origin, sexual orientation, or gender identity.