Full Stack Security Engineer (Application & Product)
RunPod
Runpod is the AI Developer Cloud. More than one million developers, from indie researchers to teams running frontier models in production, use Runpod to experiment, train, fine-tune, deploy, and scale AI on one platform. The platform has processed more than 20 billion inference requests. We closed a $100M Series A in June 2026. We're at an inflection point for AI infrastructure, and we're building the platform the next generation of developers will depend on.
We're a small, remote-first team. We take ownership seriously, move fast, and ship work that more than a million developers rely on every day. We're looking for people who care deeply, build with urgency, and want to matter at scale.
Learn more in our CEO's funding announcement: https://www.runpod.io/blog/one-million-developers.
As RunPod continues to revolutionize the GPU cloud computing landscape, we are seeking a Full Stack Security Engineer to secure our customer-facing products, APIs, and internal services. This critical position will ensure the security of the software that powers our platform, enabling continued growth while protecting user data, billing systems, and web interfaces.
The ideal candidate possesses strong software development abilities coupled with deep experience in application security, DevSecOps, and modern web architectures. You will embed directly with our engineering teams to ensure our product is secure by design.
RunPod is seeking a proactive AppSec professional who believes in Integrated Security. You won't just toss PDF reports over the fence; you will write code to fix vulnerabilities, build automated security guardrails into our CI/CD pipelines, and foster a security-first culture among our developers.
Responsibilities:
- Product Security: Lead threat modeling, architecture reviews, and code reviews for our web applications, APIs, and microservices.
- Vulnerability Remediation: Actively develop and commit code to fix security flaws in our Python, Go, or JavaScript/TypeScript codebases alongside the engineering team.
- DevSecOps: Implement, tune, and manage security testing tools (SAST, DAST, SCA) within our CI/CD pipelines to catch vulnerabilities early in the SDLC.
Don't want to miss the next one?
Subscribe to daily email alerts for roles matching your interests.