Who We Are

Serval is an AI-native automation platform transforming how enterprises operate. We build intelligent agents that understand real-world workflows and execute them end-to-end — replacing manual processes and rigid legacy systems with adaptive, learning software. Founded in early 2024, Serval is already trusted by companies like Fox, Notion, Perplexity, Vercel, and Brex to automate high-volume, high-friction operational work across their organizations.

At the core of Serval is an agentic AI platform that turns natural language into production-grade workflows. Our agents don’t just respond to requests — they reason, take action across systems, and continuously improve with usage. What began with operational use cases has quickly evolved into a horizontal AI automation layer used across IT, HR, Finance, Security, Legal, and Engineering.

Our mission is to eliminate repetitive, manual work across the enterprise and give teams leverage through intelligent automation. Long term, we’re building the universal AI operations layer — a system of agents that sits across business functions and runs the workflows that keep modern companies moving.

We’re backed by leading investors including Sequoia Capital, Redpoint Ventures, Meritech, First Round, General Catalyst, Elad Gil, and others.

Role Overview

As Application Security Lead, you'll build and scale the foundations of Serval's product and application security program. You will set the strategy and drive execution for secure software development, vulnerability management, threat modeling, and security architecture across our platform and the agentic systems our customers trust us to run inside their most sensitive environments.

You'll be a hands-on leader with deep technical credibility and strong engineering instincts. You will build and mentor a team, partner closely with Engineering and Product, and ensure that security is designed into the systems that power Serval from the first line of code rather than bolted on later.

What You'll Do

• Design, implement, and operate Serval's application security program, including secure SDLC practices, threat modeling, secure design review, code review, and remediation of vulnerabilities across our services, agent platform, integrations, and customer-facing surfaces.

• Build, lead, and directly mentor a team spanning product security, secure software development, and vulnerability management, hiring and scaling these functions deliberately and proportionately as Serval's platform and customer footprint grow.

• Establish world-class engineering rigor through secure coding standards, paved-path libraries and frameworks, security design patterns that scale security expertise across the engineering organization.

• Improve security coverage and signal quality by building and tuning the automated tooling that catches issues early (SAST, DAST, SCA, secrets scanning, dependency and supply-chain controls, and CI/CD security gates) and by partnering with engineering to make findings reliable, actionable, and low-friction to fix.

• Own the vulnerability lifecycle end-to-end: intake from internal testing, researchers, and bug bounty; triage and severity assessment; SLAs and remediation tracking; and coordinated disclosure.

• Partner deeply across Engineering, Product, and Infrastructure to embed security into Serval's systems by design, driving strong authentication and authorization, tenant isolation, data protection, secrets management, and the security of the agentic, tool-using workflows at the heart of the platform.

• Build a security program capable of withstanding sophisticated adversaries, including by tackling the novel application-security challenges of agentic AI (prompt injection, unsafe tool use, data exfiltration, and abuse of autonomous actions) and by using Serval's own agents to solve frontier security problems.

What You'll Need

• Have 10+ years in cybersecurity with deep expertise in application security, secure software development, and vulnerability management.

• Have deep experience building and leading application/product security, secure-SDLC, and vulnerability-management functions.

• Have stellar leadership skills and a demonstrated history of driving durable, continuous improvements to programs, processes, and people.

• Have strong software engineering fundamentals and can read, write, and review production code, partnering with engineers as a peer rather than a gatekeeper.

• Have exceptional written and verbal communication skills, can remain calm under pressure, and can effectively influence engineering and product decisions across a diverse gamut of teams, expertise, and seniority.

• Have deep expertise in modern application security tooling and primitives (SAST, DAST, SCA, secrets detection, fuzzing, software supply-chain security) and in secure cloud-native and distributed-systems architecture.

• Understand modern adversary tradecraft (TTPs) and how application-layer weaknesses are exploited, and have demonstrated experience translating that into practical secure-design guidance and prioritized remediation.

• Are mission-oriented, have unimpeachable integrity, and are passionate about building secure software in a highly complex, fast-paced environment. Bonus points if you're excited about the security challenges unique to AI agents.

What We Offer

• Impact: Be a key player in shaping the success of our product and company.

• Growth: Build a fundamentally new AI product offering with the support of our experienced team and investors. Grow rapidly with the company.

• Culture: Join a culture that values innovation, ownership, accountability, and fun.