Runpod Logo

Runpod

Full Stack Security Engineer (Application & Product)

Posted 26 Minutes Ago
Be an Early Applicant
Remote
Hiring Remotely in USA
152K-175K Annually
Senior level
Remote
Hiring Remotely in USA
152K-175K Annually
Senior level
Secure customer-facing products, APIs, and internal services through threat modeling, architecture and code reviews. Remediate vulnerabilities by coding fixes in Python/Go/JS/TS. Build and manage SAST/DAST/SCA security pipelines in CI/CD. Configure WAFs, API gateways, and bot protection. Provide secure coding guidance, run bug bounty triage, and support compliance (SOC 2, ISO 27001, GDPR).
The summary above was generated by AI

Runpod is the AI Developer Cloud. More than one million developers, from indie researchers to teams running frontier models in production, use Runpod to experiment, train, fine-tune, deploy, and scale AI on one platform. The platform has processed more than 20 billion inference requests. We closed a $100M Series A in June 2026. We're at an inflection point for AI infrastructure, and we're building the platform the next generation of developers will depend on.

 

We're a small, remote-first team. We take ownership seriously, move fast, and ship work that more than a million developers rely on every day. We're looking for people who care deeply, build with urgency, and want to matter at scale.

 

Learn more in our CEO's funding announcement: https://www.runpod.io/blog/one-million-developers.

As RunPod continues to revolutionize the GPU cloud computing landscape, we are seeking a Full Stack Security Engineer to secure our customer-facing products, APIs, and internal services. This critical position will ensure the security of the software that powers our platform, enabling continued growth while protecting user data, billing systems, and web interfaces.

The ideal candidate possesses strong software development abilities coupled with deep experience in application security, DevSecOps, and modern web architectures. You will embed directly with our engineering teams to ensure our product is secure by design.

RunPod is seeking a proactive AppSec professional who believes in Integrated Security. You won't just toss PDF reports over the fence; you will write code to fix vulnerabilities, build automated security guardrails into our CI/CD pipelines, and foster a security-first culture among our developers.

Responsibilities:

  • Product Security: Lead threat modeling, architecture reviews, and code reviews for our web applications, APIs, and microservices.

  • Vulnerability Remediation: Actively develop and commit code to fix security flaws in our Python, Go, or JavaScript/TypeScript codebases alongside the engineering team.

  • DevSecOps: Implement, tune, and manage security testing tools (SAST, DAST, SCA) within our CI/CD pipelines to catch vulnerabilities early in the SDLC.

  • Edge & Application Defense: Configure and manage application-layer security controls, including Web Application Firewalls (WAF), bot protection, and API gateways.

  • Security Championing: Provide security guidance, secure coding training, and standard operating procedures to development teams.

  • Compliance & Operations: Collaborate with operations to ensure product-level adherence to relevant frameworks (e.g., SOC 2, ISO 27001, GDPR) and participate in bug bounty triage.

Required Qualifications:

  • 5+ years of experience in application security, product security, or as a software engineer with a heavy security focus.

  • Strong programming and code-review skills in languages like Python, Go, JavaScript/TypeScript, or similar modern stacks.

  • Deep understanding of web application vulnerabilities (OWASP Top 10), API security (REST/GraphQL), and modern authentication flows (OAuth, OIDC, JWT).

  • Hands-on experience with offensive web security testing tools (e.g., Burp Suite, ZAP).

  • Experience building and maintaining automated security pipelines (DevSecOps).

  • Ability to translate complex security risks into actionable engineering tasks.

Preferred Qualifications:

  • Relevant application security certifications (e.g., OSWE, GWAPT, CISSP).

  • Experience securing cloud-native applications running on Kubernetes/Docker environments.

  • Background in managing bug bounty programs or coordinated vulnerability disclosures.

What You’ll Receive:

  • The competitive base pay for this position ranges from ($152,000 - $175,000). This salary range may be inclusive of several career levels at Runpod and will be narrowed during the interview process based on a number of factors, including the candidate’s experience, qualifications, and location

  • Meaningful equity in a fast-growing company- everyone on the team receives stock options — your impact drives our growth, and you share in the upside.

  • Generous medical, dental & vision plans

  • Flexible PTO- take the time you need to recharge

  • Most roles are remote work first with an inclusive, collaborative teams utilizing slack as the main form of internal communication

  • Join a passionate team on the cutting edge of AI infrastructure — where culture, learning, and ownership are at the heart of how we scale.

  • $1,200 Home Office & Equipment Stipend- We set you up for success from day one with gear and support to create your ideal workspace

Runpod is committed to maintaining a workplace free from discrimination and upholding the principles of equality and respect for all individuals. We believe that diversity in all its forms enhances our team. As an equal opportunity employer, Runpod is committed to creating an inclusive workforce at every level. We evaluate qualified applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, marital status, protected veteran status, disability status, or any other characteristic protected by law. We welcome every qualified candidate eligible to work in the United States; however, we are currently unable to sponsor employment visas.

Similar Jobs at Runpod

26 Minutes Ago
Remote
USA
152K-175K Annually
Senior level
152K-175K Annually
Senior level
Artificial Intelligence • Cloud • Software • Infrastructure as a Service (IaaS)
Design and implement multitenant workload and network isolation for bare-metal and virtualized GPU infrastructure. Harden Linux kernel and container runtimes, perform threat modeling and penetration testing, write low-level security code (C/Go/Rust), mitigate GPU and PCIe security risks, and lead incident response and forensic work for ephemeral container environments.
Top Skills: ApparmorCCgroupsContainerdDockerEbpfGoGpu ArchitectureKubernetesKvmLinuxNamespacesPcie Pass-ThroughPythonQemuRustSelinux
5 Days Ago
Remote
USA
150K-200K Annually
Senior level
150K-200K Annually
Senior level
Artificial Intelligence • Cloud • Software • Infrastructure as a Service (IaaS)
Ensure stability and resilience of Runpod's distributed AI platform by defining SLIs/SLOs, leading incident response, building observability and reliability tooling, automating operational workflows, and partnering with engineering teams to reduce toil and improve production readiness.
Top Skills: BashCi/CdContainerized Production SystemsGoGpu Observability ToolingGrafanaInfrastructure As CodeLinuxPrometheusPython
6 Days Ago
Remote
USA
225K-325K Annually
Senior level
225K-325K Annually
Senior level
Artificial Intelligence • Cloud • Software • Infrastructure as a Service (IaaS)
Lead and scale core cloud and bare-metal infrastructure including SRE, global and HPC networking, and distributed storage. Define SLOs/SLAs, incident response, observability, and IaC. Architect InfiniBand/RoCE networks and high-performance storage to support large GPU workloads. Hire and mentor managers and senior ICs, partner with product and program teams to forecast capacity and drive reliability, throughput, and low-latency infrastructure at scale.
Top Skills: AnsibleBare-MetalBgpCephContainer OrchestrationInfinibandInfrastructure As CodeKubernetesLustreNvlinkNvme-OfObservabilityRdmaRoceSpine-Leaf ArchitectureTerraformWeka

What you need to know about the Los Angeles Tech Scene

Los Angeles is a global leader in entertainment, so it’s no surprise that many of the biggest players in streaming, digital media and game development call the city home. But the city boasts plenty of non-entertainment innovation as well, with tech companies spanning verticals like AI, fintech, e-commerce and biotech. With major universities like Caltech, UCLA, USC and the nearby UC Irvine, the city has a steady supply of top-flight tech and engineering talent — not counting the graduates flocking to Los Angeles from across the world to enjoy its beaches, culture and year-round temperate climate.

Key Facts About Los Angeles Tech

  • Number of Tech Workers: 375,800; 5.5% of overall workforce (2024 CompTIA survey)
  • Major Tech Employers: Snap, Netflix, SpaceX, Disney, Google
  • Key Industries: Artificial intelligence, adtech, media, software, game development
  • Funding Landscape: $11.6 billion in venture capital funding in 2024 (Pitchbook)
  • Notable Investors: Strong Ventures, Fifth Wall, Upfront Ventures, Mucker Capital, Kittyhawk Ventures
  • Research Centers and Universities: California Institute of Technology, UCLA, University of Southern California, UC Irvine, Pepperdine, California Institute for Immunology and Immunotherapy, Center for Quantum Science and Engineering

Sign up now Access later

Create Free Account

Please log in or sign up to report this job.

Create Free Account