At Braze, we have found our people. We’re a genuinely approachable, exceptionally kind, and intensely passionate crew.
We seek to ignite that passion by setting high standards, championing teamwork, and creating work-life harmony as we collectively navigate rapid growth on a global scale while striving for greater equity and opportunity – inside and outside our organization.
To flourish here, you must be prepared to set a high bar for yourself and those around you. There is always a way to contribute: Acting with autonomy, having accountability and being open to new perspectives are essential to our continued success.
Our deep curiosity to learn and our eagerness to share diverse passions with others gives us balance and injects a one-of-a-kind vibrancy into our culture.
If you are driven to solve exhilarating challenges and have a bias toward action in the face of change, you will be empowered to make a real impact here, with a sharp and passionate team at your back. If Braze sounds like a place where you can thrive, we can’t wait to meet you.
WHAT YOU'LL DO
Braze is seeking a Staff Application Security engineer to join our team. Braze is a modern, cloud-first, SaaS application company with no classical “legacy” systems. We are seeking a Staff Application Security engineer to work with our existing Application Security team to better protect our production applications and their related application infrastructure, as well as provide expert level guidance to development teams around secure architecture for their systems.
You are a person who is comfortable with, and excels in an environment where you are the sole point of technical escalation for complex, large scale software security projects. You are able to effectively, accurately, and holistically identify security issues in application architecture, in code, and in application running states.
You are an expert at communicating security requirements to developers, technical teams, and non-technical parties. You have developed your tone of delivery for all categories of recipients and have a track record of ensuring mutual understanding for your security implementation requests and assessment of risk. You have a deep understanding of SaaS software development lifecycles. You have strong, pre-formed opinions on how to ensure security in the development cycle while simultaneously creating a condition where technical teams are not burdened by controls. You have experience in both successes and failures in implementation of security controls in both the development cycle and post-production environments, and can articulate implementation importance and reasoning to both high-level engineers, academics, and management.
You are able to handle complex security incidents and escalations as a technical incident commander, and make determinations quickly, accurately, and with a cool head. You have experience with medium to large scale incident response and can process several simultaneous technical and administrative inputs while consistently working towards clear goals for remediation and containment. You are familiar with not only garden variety attack patterns, but have studied and understand TTP’s of advanced threat actors and can visually pattern match data points in order to make accurate predictions about unknowns during incidents.
WHO YOU ARE
An good candidate will have:
- 10+ years of experience securing an application at a company at an IC level or higher
- Demonstrable experience in consistently locating novel security vulnerabilities in web software
- 5+ years experience conducting penetration tests both as a single tester and on a team
- 5+ years of experience in application incident response
- Experience with active testing against AI/LLM integrated web applications and APIs
- Experience with scripting languages and automation
- Direct experience in the triage/validation of vulnerabilities in systems they may not be familiar with, and the ability to properly articulate risk and provide accurate mitigation recommendations
- Ability to read and understand Javascript, Ruby, and Kotlin (Development level proficiency not required)
- 5+ years of experience as an Application Security leader or sole responsible party
An excellent candidate will have:
- Experience with Mail Delivery systems/experience in the MarTech space
- Experience managing a public bug bounty program
- CVE’s or published vulnerabilities, and corresponding conference talks
- Involvement with an open source project
- Experience with the review and risk evaluations of 3rd party integrations
- Experience with mobile application penetration testing (including testing methodologies that include location of security vulnerabilities in applications with pinned certificates)
For candidates based in the United States, the pay range for this position at the start of employment is expected to be between $189,000 and $215,000/year with an expected On Target Earnings (OTE) between $210,000 and $245,000/year (including bonus or commission). Your exact offer may vary depending on multiple individualized factors, including market location, job-related knowledge, skills, and experience. In addition to cash compensation, Braze offers full and part-time employees a comprehensive Total Rewards package that includes equity grants of restricted stock (RSUs) so that all Braze employees own a piece of our company.
#LI-Hybrid
WHAT WE OFFER
Braze benefits vary by location, and we encourage you to review our specific benefits offerings for each country here. More details on benefits plans will be provided if you receive an offer of employment.
From offering comprehensive benefits to fostering hybrid ways of working, we’ve got you covered so you can prioritize work-life harmony. Braze offers benefits such as:
- Competitive compensation that may include equity
- Retirement and Employee Stock Purchase Plans
- Flexible paid time off
- Comprehensive benefit plans covering medical, dental, vision, life, and disability
- Family services that include fertility benefits and equal paid parental leave
- Professional development supported by formal career pathing, learning platforms, and a yearly learning stipend
- A curated in-office employee experience, designed to foster community, team connections, and innovation
- Opportunities to give back to your community, including an annual company-wide Volunteer Week and donation matching
- Employee Resource Groups that provide supportive communities within Braze
- Collaborative, transparent, and fun culture recognized as a Great Place to Work®
ABOUT BRAZE
Braze is the leading customer engagement platform that empowers brands to Be Absolutely Engaging.™ Braze helps brands deliver great customer experiences that drive value both for consumers and for their businesses. Built on a foundation of composable intelligence, BrazeAI™ allows marketers to combine and activate AI agents, models, and features at every touchpoint throughout the Braze Customer Engagement Platform for smarter, faster, and more meaningful customer engagement. From cross-channel messaging and journey orchestration to Al-powered decisioning and optimization, Braze enables companies to turn action into interaction through autonomous, 1:1 personalized experiences.
The company has repeatedly been recognized as a Leader in marketing technology by industry analysts, and was voted a G2 “Best of Marketing and Digital Advertising Software Product” in 2025.
Braze was also named a 2025 Best Companies To Work For by U.S. News & World Report, a 2025 America’s Greatest Companies by Newsweek, and a 2025 Fortune Best Workplace in Technology™ by Great Place To Work®, among other accolades. Braze is also proudly certified as a Great Place to Work® in the U.S., the UK, Australia, and Singapore.
The company is headquartered in New York with offices in Austin, Berlin, Bucharest, Chicago, Dubai, Jakarta, London, Paris, San Francisco, São Paulo, Singapore, Seoul, Sydney and Tokyo.
At Braze, we strive to create equitable growth and opportunities inside and outside the organization.
Building meaningful connections is at the heart of everything we do, and that includes our recruiting practices. We're committed to offering all candidates a fair, accessible, and inclusive experience – regardless of age, color, disability, gender identity, marital status, maternity, national origin, pregnancy, race, religion, sex, sexual orientation, or status as a protected veteran. When applying and interviewing with Braze, we want you to feel comfortable showcasing what makes you you.
We know that sometimes different circumstances can lead talented people to hesitate to apply for a role unless they meet 100% of the criteria. If this sounds familiar, we encourage you to apply, as we’d love to meet you.
Please see our Candidate Privacy Policy for more information on how Braze processes your personal information during the recruitment process and, if applicable based on your location, how you can exercise any privacy rights.Top Skills
Similar Jobs at Braze
.jpg)
What you need to know about the Los Angeles Tech Scene
Key Facts About Los Angeles Tech
- Number of Tech Workers: 375,800; 5.5% of overall workforce (2024 CompTIA survey)
- Major Tech Employers: Snap, Netflix, SpaceX, Disney, Google
- Key Industries: Artificial intelligence, adtech, media, software, game development
- Funding Landscape: $11.6 billion in venture capital funding in 2024 (Pitchbook)
- Notable Investors: Strong Ventures, Fifth Wall, Upfront Ventures, Mucker Capital, Kittyhawk Ventures
- Research Centers and Universities: California Institute of Technology, UCLA, University of Southern California, UC Irvine, Pepperdine, California Institute for Immunology and Immunotherapy, Center for Quantum Science and Engineering
