At Unstructured, we’re building the data infrastructure that powers next-generation LLM and RAG applications. Security is core to that mission — our customers trust us with their most sensitive data, and we take that responsibility seriously.

We’re looking for a Senior or Staff-level Application Security Engineer to help lead and scale our AppSec program. In this role, you’ll own key security initiatives, partner closely with engineering and product teams, and guide junior team members while remaining deeply hands-on with code reviews, automation, and threat modeling.

Lead security architecture and threat modeling efforts for high-impact features and services.

Perform deep, security-focused code reviews and guide development teams in remediation best practices.

Build and maintain automated security testing and developer enablement tooling that scales with the org.

Partner with engineering leadership to embed security into the SDLC and promote a secure-by-default culture.

Act as a technical mentor to junior AppSec engineers and partner teams.

Lead incident response and post-mortems for application security issues.

Drive security documentation, training, and best practices for developers across the company.

Support cross-functional security initiatives with product, infrastructure, and compliance teams.

Provide light people management (mentorship, feedback, and possibly managing 1–2 junior engineers as the team grows).

5+ years of AppSec or product security experience, with at least 2 years in a senior or leadership capacity.

Proven track record of leading security reviews, threat modeling, or architecture reviews in production environments.

Deep knowledge of common vulnerabilities and mitigations (OWASP Top 10, SANS CWE, etc.).

Experience with security tools and libraries (SAST, DAST, dependency scanning, penetration testing).

Proficiency in at least one modern programming language (Python, Go, or JavaScript preferred) and scripting experience.

Strong understanding of cloud-native environments (AWS, GCP, Kubernetes) and securing CI/CD pipelines.

Excellent communication and stakeholder management skills, able to translate security concerns into actionable guidance.

Experience building or scaling security programs in a startup or high-growth environment.

Background in securing AI, ML, or data-intensive applications.

Experience managing bug bounty or responsible disclosure programs.

Prior experience with team management or mentoring.

A strategic thinker who can balance technical depth with business needs.

A collaborative leader who enjoys guiding others while staying hands-on.

Someone who thrives in a fast-paced, high-growth environment and can drive initiatives independently.

Shape the security roadmap of a company at the forefront of AI and data infrastructure.

Collaborate with world-class engineers and leaders on mission-critical initiatives.

Competitive compensation, equity, and benefits