At Pylon, we're building the future of B2B Post Sales.
We’re building the all-in-one B2B post-sales support platform powered by conversational data and layered with intelligence to help our customers run their operations in real-time.
We’re backed by a16z, BCV, General Catalyst, Y Combinator.
Currently more than 1500 companies including Linear, Cognition (makers of Devin), Modal Labs, and Incident.io run their support and customer success workflows with Pylon. You'll also find us on the Enterprise Tech 30 List.
Our product has a very large problem space so there’s a ton of stuff to build and take ownership of - we’d be excited to get your help as we're hiring several extremely talented software engineers across the stack.
What you'll do
Own application and product security across what we've shipped and what's still to come, including threat modeling, secure design reviews, and code review on the areas that matter most like auth and access control.
Build tooling that scales security past one person: supply chain security, vulnerability management, secure-by-default libraries, and developer-friendly guardrails.
Run the vulnerability lifecycle end to end (triage, validation, prioritization, remediation) and help mature our bug bounty and disclosure programs.
Build AI-assisted security workflows, like agents that scan code, propose fixes, and surface real risk, along with the controls that let the rest of the team use coding agents safely.
Work hands-on with engineers to ship fixes and help them build securely by default, telling the difference between theoretical risk and risk that actually matters so we spend effort where it counts.
Take projects from customer request through design to ship, and own them the whole way through.
Help with incident response: triage, investigate, and coordinate the fix.
Flex into broader infrastructure work as we grow, including the same scaling, reliability, and developer-velocity problems the infra team owns.
What We're Looking For
You have 3+ years building production software with security at the center of it, or you're a strong infra/backend engineer looking to make security your focus.
You like to build, not just advise. You're comfortable turning risk into actual engineering work and shipping it.
You know application security fundamentals well: auth, sessions, APIs, secrets handling, and the common vulnerability classes and how to design them out.
You've done some mix of vulnerability triage, bug bounty, disclosure, or incident response, and can balance urgency against pragmatism.
You highly leverage AI for software development and can juggle multiple workstreams at the same time.
You’ve worked at startups previously and navigated ambiguous environments.
You have a growth mindset, want to constantly improve, and want to receive feedback.
You're in SF or you're willing to relocate, you love working in-person, and you're serious about joining us to build a culture we'll all love
(Bonus) You have experience with our tech stack (React, Golang, GraphQL, and AWS).
(Bonus) You have experience with building agentic products in production.
Our Perks
🚆 Commuter benefits
🌱 Parental leave
🏝️ 14 company holidays + unlimited PTO
🗺️ Annual offsite
🍽 Lunch, dinner, and snacks at the office
🏋️ Fitness stipend
More about Pylon
Funding: Series B led by a16z and BCV ($51M total raised)
Founders: Advith Chelikani, Robert Eng, and Marty Kausas
Team: Currently 100+ and growing!
Additional Job details
The base salary range for this position is $180k - $250k annually.
Compensation may vary outside of this range depending on a number of factors, including a candidate’s qualifications, skills, competencies and experience. Base pay is one part of the Total Package that is provided to compensate and recognize employees for their work at Pylon. This role is eligible for stock options, as well as a comprehensive benefits package.