Application Security Engineer

Fin is transforming customer service through AI, helping businesses deliver fast, accurate, and reliable support at scale. Trust is foundational to that mission.

Fin's Security Engineering team is unlike most security teams. We own and operate critical security services, build customer-facing security features, and partner with engineering teams to make secure development the default. We're engineers first; designing, building, and operating systems that protect Fin and its customers. The team owns and operates tier-zero services including authentication, SAML/SSO, teammate activity logs, malicious URL scanning, and other critical trust and security capabilities.

The mission of the team is to help Fin build and operate trusted AI-powered customer service experiences by making security a natural part of how products are designed, developed, and delivered. As Fin continues to expand its capabilities and adoption, you'll help shape how security evolves alongside some of the most ambitious AI-powered products in customer service. We're taking an AI-first approach to security, exploring areas such as AI-powered detection, red-team automation, continuous monitoring, and emerging defensive capabilities to help meet an evolving threat landscape.

• Own and engineer tier-zero security capabilities that help customers securely deploy and manage Fin.
• Design, build, and evolve customer-facing security features, including authentication, SAML/SSO, permissions systems, audit and activity logging, malicious URL scanning, and other enterprise security controls.
• Partner with engineering teams throughout the software development lifecycle to build secure products and services.
• Perform architecture reviews, threat modelling exercises, and security assessments for new features and systems.
• Build security tooling, automation, and developer-facing building blocks that make secure development easier and more scalable.
• Contribute to secure development standards, guidance, and best practices across Fin.
• Lead application security initiatives across the software development lifecycle, helping teams identify and address security risks early.
• Participate in a shared on-call rotation and lead security incident response, investigation, and remediation efforts.
• Drive security initiatives from problem definition through design, implementation, and measurable outcomes.
• Partner with teams building AI-powered products to assess and mitigate emerging security risks.
• Help shape Fin's AI-first approach to security, including AI-powered detection, red-team automation, continuous monitoring, and emerging defensive capabilities.
• Support the secure adoption of AI-assisted software development tools and engineering workflows.

• Proven application security, product security, or security engineering experience within a SaaS environment.
• Strong software engineering skills with experience designing, building, and operating production systems.
• Deep understanding of modern application security threats, secure software development practices, and threat modelling.
• Experience designing, building, or securing authentication, authorization, identity, or enterprise security capabilities.
• Experience conducting architecture reviews and security assessments for complex systems.
• Hands-on security incident response experience, including leading investigations and remediation efforts.
• Strong programming skills and experience building tools, automation, or developer-focused solutions.
• Comfortable using modern AI-assisted development tools to improve productivity and engineering effectiveness.
• Ability to communicate security concepts clearly and collaborate effectively with engineering teams.
• A pragmatic approach to balancing security, customer impact, and engineering velocity.

• Experience building or owning authentication, SAML/SSO, identity, or access management capabilities.
• Experience securing AI-powered products or familiarity with security considerations for large language models, agentic systems, retrieval-based architectures, or AI tool integrations.
• Experience building security automation or security-focused platform capabilities at scale.
• Familiarity with cloud security, infrastructure security, or distributed systems.
• Experience working across both large-scale SaaS environments and high-growth companies.

Fin has a hybrid working policy. We believe that working in person helps us stay connected, collaborate easier and create a great culture while still providing flexibility to work from home. We expect employees to be in the office at least three days per week.

We have a radically open and accepting culture at Fin. We avoid spending time on divisive subjects to foster a safe and cohesive work environment for everyone. As an organization, our policy is to not advocate on behalf of the company or our employees on any social or political topics out of our internal or external communications. We respect personal opinion and expression on these topics on personal social platforms on personal time, and do not challenge or confront anyone for their views on non-work related topics. Our goal is to focus on doing incredible work to achieve our goals and unite the company through our core values.  

Fin values diversity and is committed to a policy of Equal Employment Opportunity. Fin will not discriminate against an applicant or employee on the basis of race, color, religion, creed, national origin, ancestry, sex, gender, age, physical or mental disability, veteran or military status, genetic information, sexual orientation, gender identity, gender expression, marital status, or any other legally recognized protected basis under federal, state, or local law.