Merge is the leading provider of agentic tools and customer-facing integrations for frontier LLMs, Fortune 500 organizations, and B2B SaaS companies. Our platform offers three core products: Merge Unified, which enables businesses to add hundreds of integrations to their products with a single API, Merge Agent Handler, which empowers AI agents with secure access to thousands of third-party tools, and Merge Gateway, the control plane for running AI in production. Merge's enterprise-grade platform handles the entire integration lifecycle, from authentication and security to monitoring and maintenance. Thousands of companies trust Merge to accelerate product development, unblock sales, reduce customer churn, and save engineering resources—allowing them to focus on their core product.
Merge is poised to power all B2B integrations, and in doing so, are powering data movement for some of the most secure companies in the world. Working with these powerhouses requires us to follow industry leading security practices and constantly protect ourselves.
As a Security Engineer at Merge, you will be the primary owner of product and application security across our platform. You'll work directly alongside our Head of Security and partner closely with Engineering and Product to find and fix vulnerabilities, shape how we build securely, and ensure our API-first, AI-powered products ship with strong security guarantees. While you don't need specific experience with all of the above, we'd expect you to be excited to learn and grow, and tackle any challenges that may come your way.
What you will do:
Own product and application security across Merge's platform: APIs, integrations, agent tooling, and AI-powered features
Conduct security reviews, threat modeling, and code reviews with a focus on application-layer vulnerabilities (OWASP Top 10, injection, auth flaws, insecure deserialization, etc.)
Drive vulnerability identification and remediation across the full SDLC, from design through deployment
Build and mature our application security program, including SAST/DAST tooling, security testing in CI/CD, and developer security guidance
Utilize AI to test the resiliency of our applications and systems
Own and operate our bug bounty program end to end: triage, response, remediation, and researcher communication
Partner with Engineering to embed secure design patterns and security review into how we ship software
Support infrastructure and cloud security as needed, with a focus on how it intersects with our product surface
The ideal candidate will have:
3–6+ years of security engineering experience with a strong focus on product or application security
Deep familiarity with application security concepts: OWASP, common vulnerability classes, secure API design, auth and authorization patterns
Experience conducting threat modeling and secure code reviews
Hands-on experience with application security tooling (SAST, DAST, SCA) and integrating security into CI/CD pipelines
Experience with and a desire to code in at least one major programming language. You should be comfortable reading and writing code, not just running scanners
Experience in a SaaS or API-driven environment; familiarity with multi-tenant systems and the security challenges they present
Interest in learning and supporting other areas of Security where needed
Bonus: experience with AI/LLM security, agent security, or securing data-heavy API platforms
Compensation:
The cash compensation range for this role is $165,000 - $200,000
Actual compensation packages are based on a wide array of factors unique to each candidate, including but not limited to skill set, years & depth of experience, and certifications. In addition to cash compensation, all full time employees receive an equity compensation package
Benefits:
Unlimited PTO + 10 company holidays
Pre-Tax commuter benefits
100% covered health, vision, and dental insurance
401K Plan
$200 one-time home office stipend
In office snacks and free dinner when working past 7pm
Based on 1,638 disclosed Security salaries on RoleSuite, the role pays a median of $142K/year, with most offers between $114K and $179K (10th–90th percentile: $92K–$215K).
See the full Security salary breakdown →