Software Engineer, Security
Thinking Machines Lab is seeking a Software Engineer, Security to ensure our products are secure by default while supporting rapid and ambitious product development. In this role, you will collaborate closely with product and research teams to integrate security into the design and development processes, and build tools and automation to maintain system safety at scale.
Key responsibilities include partnering with teams to embed security throughout the development lifecycle, such as conducting threat modeling, design reviews, and establishing secure defaults for new features. You will design and implement security controls across our product stack, including authentication, authorization, session management, and input validation. Additionally, you will build and maintain security tooling and automation for engineers, such as secure frameworks, CI/CD checks, dependency management, and vulnerability detection. Collaborating with researchers to identify and mitigate AI-specific product risks, like model abuse and data leakage, is also a critical aspect of this role.
The ideal candidate will have a bachelor's degree or equivalent experience in computer science, engineering, or a related field. Proficiency in at least one backend language, such as Python or Rust, is required. A strong generalist software engineering background with the ability to review production code for security risks is essential. Hands-on experience securing web applications and APIs, particularly in areas like authentication flows, access control, secrets management, input validation, and data protection, is necessary. Familiarity with common vulnerability classes and prevention frameworks, as well as experience hardening prototypes into production, is also important. Comfort with modern cloud infrastructure and understanding how application concerns intersect with infrastructure is expected. The candidate should be comfortable operating across the stack and owning projects end-to-end, and should thrive in a highly collaborative environment involving various cross-functional partners and subject matter experts. A bias for action, with the initiative to work across different stacks and teams to ensure successful project delivery, is also expected.
Preferred qualifications include experience securing AI-powered products or working with machine learning/large language model APIs and their unique threat models. A background in human-computer interaction, especially where security or trust plays a central role in the user experience, is advantageous. Strong skills in rapid prototyping and iteration, with a habit of turning ad-hoc fixes into reusable patterns and tools, are desirable. Open-source security work, bug bounty write-ups, or published tooling would be beneficial.
Thinking Machines Lab offers a competitive compensation package, with an expected annual salary range of $350,000 to $475,000 USD, depending on background, skills, and experience. We provide generous health, dental, and vision benefits, unlimited paid time off, paid parental leave, and relocation support as needed. Visa sponsorship is available for qualified candidates.
At Thinking Machines Lab, we are committed to empowering humanity through advancing collaborative general intelligence. We are scientists, engineers, and builders who have created some of the most widely used AI products, including ChatGPT and Character.ai, as well as popular open-source projects like PyTorch and OpenAI Gym. Joining our team means contributing to a future where everyone has access to the knowledge and tools to make AI work for their unique needs and goals.