Application Security Engineer United Kingdom +2 more

We’re looking for an Application Security Engineer to join the ElevenLabs Security team. In this role, you’ll work at the intersection of security and software engineering, building systems and tooling that enable teams to ship secure software at high velocity.

You will:

• 
  
• Design and build application security tooling and guardrails that integrate directly into modern development workflows, including environments that heavily leverage AI-assisted and agentic coding
  
• Partner with Engineering and Infrastructure teams to review application architectures, develop threat models and build in secure by default patterns throughout the software development lifecycle
  
• Identify, prioritise and remediate application security vulnerabilities, working directly with engineers and contributing to fixes where required, across the entire stack.
  
• Ship new security features which directly improve the security posture of our products in production
  
• Design and implement supply chain security controls across build and deployment pipelines, including artefact signing, provenance, dynamic admission controls and SBOM generation
  

• 
  
• Strong software engineering background, with experience building and shipping production systems
  
• Proven track record of building and scaling security programs or developer security tooling from scratch
  
• Fluency in Python and TypeScript with the ability to read, write and maintain production quality codeHands on experience in cloud-native environments (AWS or GCP), Kubernetes, and infrastructure-as-code (Terraform)
  
• Solid understanding of application security, including discovery, exploitation and remediation. You should understand how to prioritise fixes without relying on CVE scores alone
  
• Experience driving real security improvements through technical design, implementation and secure defaults, rather than through policy or manual review alone
  

• 
  
• Experience securing AI or Machine Learning systems, including training pipelines
  
• Background in developer experience or platform engineering, especially building developer tooling
  
• Contributions to open source security projects, published research or talks at security conferences
  
• Experience working in regulated environments (SOC 2, ISO27001, PCI, HIPAA or similar)
  

This role is remote and can be executed globally. xcfaprz However, to facilitate working with the Security Team, we prefer candidates based in GMT to GMT+3 or UK. If you prefer, you can work from our offices in Dublin, London or Warsaw.