SeniorSecurityEngineer

Senior Security Engineer Engineering Prolific Prolific is not just another player in the AI space – we are the architects of the human data infrastructure that's reshaping the landscape of AI development. In a world where foundational AI technologies are increasingly commoditized, it's the quality and diversity of human-generated data that truly differentiates products and models. The role Security at Prolific isn't an afterthought, it's foundational to how we build. As a company trusted by world-leading research institutions and AI labs to handle sensitive data at scale, the security of our application layer is critical. We handle participant data, researcher credentials, payment flows, and API integrations that demand rigorous protection at the code level. As a Senior Security Engineer, you'll be the technical authority on application security at Prolific. You'll work hands-on with our engineering teams to find and fix vulnerabilities in our codebase, perform security testing, build security tooling, and embed secure development practices into how we ship software. This isn't a governance or policy role, you'll be in the code, reviewing pull requests, threat modelling new features, and building the automation that keeps our platform secure as we scale. You'll report to the Head of Engineering/Platform and work cross-functionally with product engineering, platform, data, and TechOps teams. What you’ll bring to the role Several years in application/product security and a background in software engineering Strong knowledge of OWASP Top 10 (Web & API) and modern attack paths (e. g. auth flaws, SSRF, injection, business logic abuse, supply chain) Experience working with complex, large-scale systems and modern architectures Hands-on security testing experience (especially Burp Suite) across web apps and APIs Python for security tooling, automation, or custom detection (Django a plus) Experience implementing and tuning SAST, SCA, DAST, and secret scanning in CI/CD Practi