Security engineer, application security (UK)

About WRITER

WRITER is where the world's leading enterprises orchestrate AI-powered work. Our vision is to expand human capacity through superintelligence. We are proving it is possible through powerful, trustworthy AI that unites IT and business teams together to unlock enterprise-wide transformation.

About the role

This is where security meets innovation at enterprise scale. As a security engineer, applications at WRITER, you will be building the security foundations that protect the AI systems powering some of the world's most recognisable brands. You will work at the intersection of application security, AI infrastructure, and developer enablement—partnering with engineering teams to embed security into every line of code while ensuring our platform remains both powerful and trustworthy.

The opportunity is massive: you will help define how enterprise AI applications are secured, from threat modelling our LLM architectures to building automated security controls that scale across our growing platform. This isn't about saying "no" – it's about finding creative ways to say "yes, and here's how we do it securely." You will tackle challenges that most security engineers never encounter: securing AI agents, protecting training data pipelines, and designing controls for systems that didn't exist a few years ago.

What you’ll do

• Build security into the DNA of our AI platform by conducting threat modelling sessions with product teams, designing secure architectures for new features, and ensuring security considerations shape product decisions from day one—not after the fact.
• Own and evolve our application security program including establishing and maintaining SAST/DAST scanning in CI/CD pipelines, conducting security code reviews for critical changes, and building automation that catches vulnerabilities before they reach production.
• Partner with engineering teams to establish and champion secure coding standards, creating reusable security patterns and libraries that make it easier for developers to build securely by default.
• Design and recommend security features and products that help secure customer environments.
• Integrate and leverage AI agents to help increase velocity for the security team and the overarching engineering organisation to ensure that we are proactive in minimising risk while we build products.
• Lead security assessments and penetration testing of WRITER's applications, AI services, and APIs, identifying vulnerabilities across our tech stack and working collaboratively with teams to remediate issues at scale.
• Design and implement security controls for protecting data pipelines, model training environments, and customer-facing AI agents.
• Stay ahead of emerging threats in the AI/ML security landscape, researching attack vectors specific to LLMs and generative AI, and proactively building defenses against novel risks.

What you need

• 2+ years of hands-on experience in application security engineering, with a proven track record of securing large-scale production systems – bonus points if you've worked in fast-growing startups or high-growth environments.
• Understanding of developer experience and developer workflows for shipping features and products.
• Technical expertise in at least two programming languages (Python, Java, Go, JavaScript/TypeScript) and the ability to read and review code across multiple languages, understanding both business logic and security implications.
• Knowledge of security tools and methodologies including SAST/DAST solutions, vulnerability management platforms, security testing frameworks, and DevSecOps practices.
• Excellent communication skills that allow you to translate complex security concepts into clear recommendations for both technical and non-technical audiences.
• A builder's mindset that looks for opportunities to automate, scale, and empower rather than create bottlenecks.
• Alignment with WRITER's values of Connect, Challenge, and Own.

Benefits & perks (UK full-time employees)

• Generous PTO, plus company holidays
• Comprehensive medical and dental insurance
• Paid parental leave for all parents (12 weeks)
• Fertility and family planning support
• Early-detection cancer testing through Galleri
• Competitive pension scheme and company contribution
• Annual work-life stipends for wellness and learning and development
• Company-wide off-sites and team off-sites
• Competitive compensation and company stock options