{"schemaVersion":"jobsearcher.job.v1","id":"9a6ee1e247f737ccb11b357a","url":"https://jobsearcher.com/jobs/9a6ee1e247f737ccb11b357a","canonicalUrl":"https://jobsearcher.com/jobs/9a6ee1e247f737ccb11b357a","title":"Security Engineer","description":"Merge is the leading provider of agentic tools and customer-facing integrations for frontier LLMs, Fortune 500 organizations, and B2B SaaS companies. Our platform offers three core products: Merge Unified, which enables businesses to add hundreds of integrations to their products with a single API, Merge Agent Handler, which empowers AI agents with secure access to thousands of third-party tools, and Merge Gateway, the control plane for running AI in production. Merge's enterprise-grade platform handles the entire integration lifecycle, from authentication and security to monitoring and maintenance. Thousands of companies trust Merge to accelerate product development, unblock sales, reduce customer churn, and save engineering resources—allowing them to focus on their core product.Merge is poised to power all B2B integrations, and in doing so, are powering data movement for some of the most secure companies in the world. Working with these powerhouses requires us to follow industry leading security practices and constantly protect ourselves.As a Security Engineer at Merge, you will be the primary owner of product and application security across our platform. You'll work directly alongside our Head of Security and partner closely with Engineering and Product to find and fix vulnerabilities, shape how we build securely, and ensure our API-first, AI-powered products ship with strong security guarantees. While you don't need specific experience with all of the above, we'd expect you to be excited to learn and grow, and tackle any challenges that may come your way.What You Will DoOwn product and application security across Merge's platform: APIs, integrations, agent tooling, and AI-powered featuresConduct security reviews, threat modeling, and code reviews with a focus on application-layer vulnerabilities (OWASP Top 10, injection, auth flaws, insecure deserialization, etc.)Drive vulnerability identification and remediation across the full SDLC, from design through deploymentBuild and mature our application security program, including SAST/DAST tooling, security testing in CI/CD, and developer security guidanceUtilize AI to test the resiliency of our applications and systemsOwn and operate our bug bounty program end to end: triage, response, remediation, and researcher communicationPartner with Engineering to embed secure design patterns and security review into how we ship softwareSupport infrastructure and cloud security as needed, with a focus on how it intersects with our product surfaceThe Ideal Candidate Will Have3–6+ years of security engineering experience with a strong focus on product or application securityDeep familiarity with application security concepts: OWASP, common vulnerability classes, secure API design, auth and authorization patternsExperience conducting threat modeling and secure code reviewsHands-on experience with application security tooling (SAST, DAST, SCA) and integrating security into CI/CD pipelinesExperience with and a desire to code in at least one major programming language. You should be comfortable reading and writing code, not just running scannersExperience in a SaaS or API-driven environment; familiarity with multi-tenant systems and the security challenges they presentInterest in learning and supporting other areas of Security where neededBonus: experience with AI/LLM security, agent security, or securing data-heavy API platformsCompensationThe cash compensation range for this role is $165,000 - $200,000 Actual compensation packages are based on a wide array of factors unique to each candidate, including but not limited to skill set, years & depth of experience, and certifications. In addition to cash compensation, all full time employees receive an equity compensation packageBenefitsUnlimited PTO + 10 company holidaysPre-Tax commuter benefits100% covered health, vision, and dental insurance 401K Plan$200 one-time home office stipendIn office snacks and free dinner when working past 7pm","company":"Merge","rawCompany":"merge","city":"Millbrae","state":"CA","isRemote":false,"isActive":false,"createdAt":"2026-06-19T09:24:13.159Z","occupations":[{"code":"15-1299.05","title":"Information Security Engineers","slug":"information-security-engineers"},{"code":"15-1212.00","title":"Information Security Analysts","slug":"information-security-analysts"},{"code":"15-1252.00","title":"Software Developers","slug":"software-developers"}],"industries":[{"code":"541512","title":"Computer Systems Design Services","slug":"computer-systems-design-services"},{"code":"513210","title":"Software Publishers","slug":"software-publishers"},{"code":"541511","title":"Custom Computer Programming Services","slug":"custom-computer-programming-services"}],"jobPosting":{"@context":"https://schema.org","@type":"JobPosting","title":"Security Engineer","description":"Merge is the leading provider of agentic tools and customer-facing integrations for frontier LLMs, Fortune 500 organizations, and B2B SaaS companies. Our platform offers three core products: Merge Unified, which enables businesses to add hundreds of integrations to their products with a single API, Merge Agent Handler, which empowers AI agents with secure access to thousands of third-party tools, and Merge Gateway, the control plane for running AI in production. Merge's enterprise-grade platform handles the entire integration lifecycle, from authentication and security to monitoring and maintenance. Thousands of companies trust Merge to accelerate product development, unblock sales, reduce customer churn, and save engineering resources—allowing them to focus on their core product.Merge is poised to power all B2B integrations, and in doing so, are powering data movement for some of the most secure companies in the world. Working with these powerhouses requires us to follow industry leading security practices and constantly protect ourselves.As a Security Engineer at Merge, you will be the primary owner of product and application security across our platform. You'll work directly alongside our Head of Security and partner closely with Engineering and Product to find and fix vulnerabilities, shape how we build securely, and ensure our API-first, AI-powered products ship with strong security guarantees. While you don't need specific experience with all of the above, we'd expect you to be excited to learn and grow, and tackle any challenges that may come your way.What You Will DoOwn product and application security across Merge's platform: APIs, integrations, agent tooling, and AI-powered featuresConduct security reviews, threat modeling, and code reviews with a focus on application-layer vulnerabilities (OWASP Top 10, injection, auth flaws, insecure deserialization, etc.)Drive vulnerability identification and remediation across the full SDLC, from design through deploymentBuild and mature our application security program, including SAST/DAST tooling, security testing in CI/CD, and developer security guidanceUtilize AI to test the resiliency of our applications and systemsOwn and operate our bug bounty program end to end: triage, response, remediation, and researcher communicationPartner with Engineering to embed secure design patterns and security review into how we ship softwareSupport infrastructure and cloud security as needed, with a focus on how it intersects with our product surfaceThe Ideal Candidate Will Have3–6+ years of security engineering experience with a strong focus on product or application securityDeep familiarity with application security concepts: OWASP, common vulnerability classes, secure API design, auth and authorization patternsExperience conducting threat modeling and secure code reviewsHands-on experience with application security tooling (SAST, DAST, SCA) and integrating security into CI/CD pipelinesExperience with and a desire to code in at least one major programming language. You should be comfortable reading and writing code, not just running scannersExperience in a SaaS or API-driven environment; familiarity with multi-tenant systems and the security challenges they presentInterest in learning and supporting other areas of Security where neededBonus: experience with AI/LLM security, agent security, or securing data-heavy API platformsCompensationThe cash compensation range for this role is $165,000 - $200,000 Actual compensation packages are based on a wide array of factors unique to each candidate, including but not limited to skill set, years & depth of experience, and certifications. In addition to cash compensation, all full time employees receive an equity compensation packageBenefitsUnlimited PTO + 10 company holidaysPre-Tax commuter benefits100% covered health, vision, and dental insurance 401K Plan$200 one-time home office stipendIn office snacks and free dinner when working past 7pm","datePosted":"2026-06-19T09:24:13.159Z","dateModified":"2026-06-19T09:24:13.159Z","hiringOrganization":{"@type":"Organization","name":"Merge","sameAs":"https://jobsearcher.com"},"jobLocation":{"@type":"Place","address":{"@type":"PostalAddress","addressLocality":"Millbrae","addressRegion":"CA","addressCountry":"US"}},"identifier":{"@type":"PropertyValue","name":"JobSearcher","value":"9a6ee1e247f737ccb11b357a"},"url":"https://jobsearcher.com/jobs/9a6ee1e247f737ccb11b357a"}}