Postúlate en Kit Empleo: kitempleo.cl/empleo/1909d8

**Overview**:
**About Nerdy**:
At Nerdy (NYSE: NRDY) - the company behind Varsity Tutors - we're redrawing the blueprint of learning. Our Live + AI platform fuses real-time human expertise with proprietary generative-AI systems, setting a new bar for measurable academic impact at global scale. We recruit the kind of technologists and operators you'd bet on as solo founders - people who turn ambiguous problems into shipping code, iterate faster than markets move, and compound their advantage with every data point. In an era where great employees can deliver 10-times the leverage of the merely good, we back those who play to win.

Fortune favors the bold. Join us.

**How we compete**:

- **AI-Native at every level**
From the CEO to day-one hires, everyone builds and ships with generative AI. If you're not wielding AI, you're not done.
- **Entrepreneurial velocity**
Move at founder speed, prototype in hours, and measure in real user outcomes. Slow teams die.
- **Free-market rigor**
Ideas rise or fall on merit and results - no committees, no politics, no cap on upside.
- **Full-stack ownership**
You design, build, and run what you ship; accountability is a feature, not a bug.
- **Reward for contribution**
Pay rises with impact, not years. Outstanding results earn outsized rewards. We evaluate both _what_ you achieve and _how _you achieve it: living our leadership principles and using AI effectively are formally measured and rewarded.
- **Relentless exploration**
Push the frontier of generative AI in live learning and - because only the paranoid survive - questioning every legacy assumption along the way.
- **Is Apolitical**
You stay focused on mission-aligned outcomes, not distractions or unrelated causes.

**Nerdy's shareholder letters below explain our latest products and strategy**:




- Q2-2025 Shareholder Letter- Q1-2025 Shareholder Letter- Q4-2024 Shareholder Letter

**Qualifications**:

- Required:_
- Experience as an Application Security Engineer, Security Consultant, or Security-focused Software Engineer.
- Strong understanding of secure coding practices and common vulnerability patterns.
- Proven ability to analyze exploit chains and demonstrate actual risk, leveraging AI to accelerate discovery and validation.
- Hands-on experience integrating security tooling into CI/CD pipelines.
- Familiarity with Ruby, Go, JavaScript/React, and related frameworks. Deep familiarity with OWASP guidance, including the OWASP Top 10, Application Security Verification Standard (ASVS), and Secure Coding Guidelines.
- Comfortable demonstrating real-world exploits to technical and non-technical stakeholders.
- Excellent written and verbal communication skills in an async-first, remote environment.
- Preferred:_
- Experience with API security testing and continuous monitoring, leveraging AI for fuzzing, intelligent input generation, and automated discovery.
- Experience building or maintaining secure development training programs.
- Security certifications (OSWE, OSCP, GIAC) are a plus but not required.

**Responsibilities**:

- Enable engineering teams to move quickly while embedding security into development workflows—security and speed go hand-in-hand.
- Partner with engineering on secure use of AI services,



evaluating controls such as AI gateways, prompt inspection, and policy enforcement.
- Identify, prioritize, and implement security tooling in developer environments and CI/CD pipelines, with AI-assisted triage to reduce noise and highlight exploitable risks.
- Collaborate with developers to identify vulnerabilities in code, APIs, and dependencies; improve secure coding awareness; and participate in design reviews and threat modeling.
- Demonstrate practical exploit techniques to raise security awareness and drive remediation, including chaining multiple weaknesses across services to illustrate end-to-end risk.
- Analyze vulnerabilities across code, dependencies, APIs, and logic, with AI-assisted techniques to identify and prioritize exploit chains.
- Build or adapt automation scripts and tools for continuous security validation,, using AI copilots to accelerate script generation and validation.
- Lead incident response activities as part of the incident commander rotation.
- Drive continuous improvement of incident response runbooks and playbooks_._

**Unlock Your Full Potential at Nerdy**:
Join our worldwide team—work from home, get great pay, and help shape the future of learning. Here's what you get:

- **Competitive USD Compensation**: Enjoy a market-leading rate paid in U.S. dollars.
- **100% Remote (Home Country Only)**: Work from anywhere in your home country—no relocation required, no borders crossed.
- **Versátil Time Off**: Our flexible PTO lets you recharge on your own terms and when you need it the most.
- **Local Holiday Pay**: We honor your nation's official holidays with paid time off—celebrate what matters to you.
- **Continuous Learning**: Get a free, all-inclusive learning membership for you and your

Postúlate en Kit Empleo: kitempleo.cl/empleo/1909d8

📌 Application Security Engineer (Santiago)
🏢 Nerdy
📍 Santiago