RevenueCat
Senior Application Security Engineer

How your CV stacks up
Upload your CV to see how well it fits this job role
?%
RevenueCat
RevenueCat removes the headaches of building and scaling in-app subscriptions. Since graduating from YC’s S18 batch we’ve grown into the default monetization platform for mobile: we’re in >40% of newly shipped subscription apps, we process $12B+ in annual purchase volume, and we help everyone from a solo dev in Brazil to the OpenAI mobile team understand and grow their revenue.
We’re a remote-first crew of 150+, spread across 25+ countries, and guided by values we actually practice: Customer Obsession, Always Be Shipping, Own It, and Balance. If you want your work to touch hundreds of millions of end-users (and help the developers behind them get paid), you’ll fit right in.
The role:
We are looking for a Senior, proactive Application Security Engineer to work closely with engineering teams, PMs and external parties to ensure that RevenueCat's products are secure.
RevenueCat has a fast-shipping culture. Your mission is to help to keep security at that speed, invest in automatic tooling to prevent certain kinds of security issues, identify common patterns and create frameworks that make building secure applications the default, so frictionless that adoption is natural and enthusiastic.
Our product is used extensively in top-tier apps, and is used to gate access to paid features. As such it needs to implement novel methods to prevent tampering and keep security high.
Other responsibilities will be:
- Participate in security code and system reviews, threat modeling and risk assessments.
- Support the Bug Bounty program, helping teams on triaging, prioritizing and fixing issues, learning the common issues and using that information to improve the foundations.
- Collaborate closely with infra security to level up our security posture.
Reasons to use Rodeo
I’m in my final year doing Economics and I don’t know whether to apply for grad schemes now or do a masters first. What do you think?
Honest answer — it depends on where you want to end up. A lot of top grad schemes (Big 4, civil service, banking) don’t need a masters. Let’s look at the ones you’d be competitive for now, and we can decide if a masters actually adds anything.
Also worth knowing: most autumn 2026 applications are open now. Timing matters more than you think.
Start with a chat, not a search bar
Grad scheme, placement, apprenticeship? Not sure what you want yet — that's fine. Your agent talks it through with you and turns "I have no idea" into a shortlist.
Graduate Consultant — 2026 Scheme
Why you're a good match
StrongYour economics background and your summer at a regional bank line up with what PwC looks for on the consulting scheme. Applications close in four weeks.
See breakdownIt searches the market for you
Every day your agent scans the market matching roles against what actually matters to you, not just keywords on a CV.
Why you're a good match
You’ve got the grades and the economics background, and your bank internship is exactly the experience this scheme looks for. Apply soon — deadlines close within the month.
Experience fit
Your summer at the bank plus your econometrics coursework map directly to the day-one responsibilities on this scheme — client modelling, market briefings, and deal support.
Only hits
No noise. No "maybe this fits." Just roles with a clear explanation of why they're right — and where to focus when applying.
About you:
You have 5+ years in Application Security, including:
- Deep understanding of common security flaws and ways to address them, both in web and mobile app environments.
- Experience with common security tools and services, like SAST tools, proxies, etc.
- Experience identifying security issues through code review.
- You love building frameworks and automation: You see that the best way to ensure that security and best practices are followed is to make something so easy and joyful to use that nobody wants to use anything else.
- You are AI-Curious: You understand how LLMs and AI coding tools are changing engineering, you want to embrace and use them effectively to keep security level up. At the same time, you are familiar with new AI security risks regarding MCPs, prompt injection, etc, and want to build safer guardrails for agentic development and AI adoption in the product.
- You are proactive: You see what is needed, you take action and own problems to turn them into solutions.
- You are agile: You move fast, iterate quickly, pivot and reprioritize when needed to maximize impact.
Ideally, you have:
- Experience securing mobile SDKs (iOS/Android) and backend services (Python)
In the first month, you'll:
- Meet your team!
- Get up to speed on our infrastructure, services and codebases.
- Familiarize yourself with SDK and backend, how they interact.
- Explore the bug bounty platform and reports.
- Ship your first project.


Get help with your application
Your very own career expert that helps elevate your application to the next level.
Within the first 3 months, you'll:
- Be able to scope and work on tasks self-sufficiently.
- Participate in code reviews, security design reviews.
- Participate actively in the bug bounty program.
Within the first 6 months, you'll:
- Understand deeply risks and threats on SDK, how SDK and backend interact and the backend application.
- Actively contribute to improve security, pushing and introducing frameworks, tools or services that have measurable impact.
- Collaborate closely with other teams, creating ties, trust relationships, providing security guidance.
Within the first 12 months, you'll:
- Be the go-to expert for application security issues, seek for security reviews, threat assessments.
- Have your own initiatives for improving application security.
What we offer:
- Competitive equity in a fast-growing, Series C startup backed by top-tier investors, including Y Combinator
- 10-year window to exercise vested equity options
- Fully remote and flexible work environment
- 4-5 weeks of suggested time off annually for mental, physical, and emotional recharge
- $2,000 USD for workspace setup and $1,000 USD annual stipend for continuous learning
Curious about the interview process? Discover more in our blog post about how we hire and learn tips to help you succeed.
Compensation Range: $230K
“It took my CV and asked me questions relevant to understanding what kind of jobs to suggest for me. Suggestions were almost perfect. Jobs were exactly what I’ve been looking for.”
Jessica, London
Skills
Location