Kerja Kerja Dari Rumah, Application Security Engineer (Remote Global) di Levers (YC S22) - Maukerja

About Levers

Levers helps B2B companies accelerate cash collection and improve cash flow. Our receivables management platform enables finance teams to streamline and personalize collection workflows at scale—across multiple communication channels—while automating labor-intensive back-office processes.

Founded in 2022, Levers is built by a team with backgrounds from Yale and Stanford, and deep experience in accounting, fintech, and SaaS. We are backed by Y Combinator and leading investors behind companies like Mercury, Pilot, Careem, Jasper, Tabby, and Tamara.

Job Overview:

We are seeking a skilled Application Security Engineer with a strong Python background to design, develop, and maintain secure applications specifically focus on Python development. The role requires integrating security best practices into the software development lifecycle (SDLC) to ensure compliance with regulatory and organizational security requirements.

Our Technology Stack

Backend: Python, FastAPI, PostgreSQL, ClickHouse

Frontend: React, Next.js, tRPC, Shadcn UI, Storybook

Infrastructure: Kubernetes (GKE), ArgoCD, Terraform/Terragrunt/Pulumi, Ansible

Cloud & Networking: GCP

Role: Application Security Engineer (Python)

We’re looking for a hands-on Security Engineer to help build and strengthen the security foundations of our platform from the ground up. This role combines application security, infrastructure security, and automation, with opportunities to work across both offensive and defensive domains.

Responsibilities

• Build automation tools to collect and track security KPIs (e.g., % of critical vulnerabilities remediated for compliance such as SAMA)
• Conduct security code reviews across backend and infrastructure systems (Python/Typescript)
• Review and approve change requests with a security-first mindset
• Identify, triage, and remediate vulnerabilities surfaced by automated tools and scans
• Contribute to defining and enforcing security policies and best practices
• Perform web application security testing and vulnerability research
• Work with cybersecurity, DevOps, and infrastructure teams.
• Provide secure design guidance to development teams.

Requirements

• Strong experience with Python (at least 2 years building tools or systems)
• At least 3 years of experience in cybersecurity
• Solid understanding of GCP (Google Cloud enviornment) will be Plus
• Familiarity with both offensive and defensive security practices
• Experience with application security, code review, and vulnerability management
• Comfortable working in a fast-paced startup environment and building systems from scratch

Nice to Have - not mandatory

• Showcase your bug bounty profile.
• Experience with DevSecOps, cloud security, or infrastructure-as-code security
• Exposure to modern AI/ML systems security
• Security certifications such as eWPT, OSCP, CISSP