Back to Experience
Strike 7

Application Security Engineer - Contract at Strike 7

On-site
Jan 2026 - Mar 2026

Overview

As an Application Security Engineer at Strike 7, I helped build and secure an autonomous AI-powered penetration testing SaaS platform for Managed Service Providers and enterprise clients. The platform supported isolated client/MSP provisioning, package assignment, direct client purchases, and automated pentest execution. I worked across Nest.js, TypeScript, PostgreSQL, and cloud infrastructure while applying secure REST API design, authentication and authorization controls, input validation, organization-level data segregation, tenant isolation, PostgreSQL Row Level Security, and GDPR/SOC2-aware architecture decisions. The platform also integrated AI-related services including mem0, Browserbase, and Langfuse to support automated security workflows and observability.

Key Responsibilities

  • Designed and developed backend services and frontend modules for an autonomous AI-powered penetration testing SaaS platform
  • Implemented isolated provisioning workflows allowing MSPs to assign testing packages and clients to directly purchase and execute automated pentests
  • Created and secured RESTful APIs with authentication, authorization, validation, tenant isolation, and safe error handling
  • Structured PostgreSQL databases with org-level data segregation, Row Level Security patterns, indexing, and query performance tuning
  • Contributed GDPR/SOC2-aware implementation choices for customer data handling and SaaS security boundaries
  • Integrated mem0 for contextual memory handling, Browserbase for browser automation, and Langfuse for LLM observability
  • Followed secure coding standards and performed security testing to reduce common web vulnerabilities
  • Contributed to admin dashboard development for centralized management of users, packages, pentests, and configurations
  • Worked in a collaborative team environment leveraging AI-assisted development for faster and more efficient implementation

Tech Stack

Backend

  • Nest.js

Language

  • TypeScript

Database

  • PostgreSQL
  • PostgreSQL RLS

Cloud

  • AWS
  • DigitalOcean

Security

  • RESTful APIs
  • Authentication
  • Authorization

AI tooling

  • mem0
  • Browserbase
  • Langfuse