Product Security Engineer

AirtableAirtable·Remote(San Francisco, CA; New York, NY; Remote (Seattle, WA only))
Software Development
Excel

WFA Digital Insight

The demand for skilled product security engineers is on the rise, with companies like Airtable at the forefront of no-code app platforms. As the industry grows, so does the need for experts who can balance security with engineering velocity. With over 500,000 organizations relying on Airtable, this role offers a unique chance to make a significant impact. Candidates should be prepared to showcase their proficiency in JavaScript, Node.js, and modern web application frameworks, as well as their experience with AI and LLM safety.

Job Description

About the Role

Airtable is seeking a highly skilled Product Security Engineer to join their team in shaping the security of their rapidly evolving platform. As a Product Security Engineer, you will play a pivotal role in building paved roads, frameworks, and automated controls that make the secure path the easy path for engineering teams. You will partner closely with product engineering teams to ensure that security is integrated into every aspect of the platform.

The successful candidate will have a strong background in computer science or a related field, with proficiency in writing clean, maintainable code. You will have deep familiarity with JavaScript or TypeScript, Node.js, and modern web application frameworks, and can reason about the security implications of systems built on them.

Airtable's platform is used by over 500,000 organizations, including 80% of the Fortune 100, making this a high-impact role with the potential to make a significant difference in the industry.

What You Will Do

  • Develop self-service security frameworks and 'paved roads' that allow engineering teams to ship secure code by default
  • Focus on automated guardrails for common vulnerabilities, while prioritizing deep-dive design reviews into complex business logic and data isolation issues
  • Partner with product and engineering teams to review designs early, contribute to threat modeling for new features and complex initiatives, and provide clear, actionable security guidance
  • Research emerging threats and evolving best practices, specifically regarding AI and LLM safety, and implement controls to secure these workflows
  • Manage and evolve the approach to external penetration testing and bug bounties, driving remediation for findings and treating vulnerability management as an engineering problem
  • Contribute to the long-term roadmaps, metrics, and strategic planning for the security team
  • Lead complex threat modeling sessions for major product launches and define secure coding standards
  • Actively mentor other engineers to raise the technical security bar across the organization

What We Are Looking For

  • 4+ years of experience in product security or application security, with experience shipping production code
  • Strong background in computer science or a related field, with proficiency in writing clean, maintainable code
  • Deep familiarity with JavaScript or TypeScript, Node.js, and modern web application frameworks
  • Hands-on experience securing LLM integrations and identifying prompt injection or data leakage risks
  • Proficiency in writing and reviewing code and treating security as an engineering problem to be solved with software, not just policies
  • Excellent communication skills, with the ability to communicate complex security risks to non-security stakeholders
  • Ability to work in a fast-paced environment, navigating ambiguity, continuously learning about emerging threats and technologies, and contributing to long-term security strategy

Nice to Have

  • Experience with security testing frameworks and tools
  • Knowledge of cloud security platforms and architectures
  • Familiarity with containerization and orchestration tools

Benefits and Perks

  • Competitive salary and benefits package
  • Opportunity to work with a highly skilled and experienced team
  • Chance to make a significant impact on the security of a rapidly evolving platform
  • Flexible working hours and remote work options
  • Access to the latest security tools and technologies
  • Professional development and training opportunities
  • Collaborative and dynamic work environment

How to Stand Out

  • Tip: Make sure your portfolio showcases your experience with security testing frameworks and tools, as well as your proficiency in JavaScript, Node.js, and modern web application frameworks.
  • Be prepared to discuss your experience with AI and LLM safety, and how you have implemented controls to secure these workflows in previous roles.
  • Highlight your ability to communicate complex security risks to non-security stakeholders, and provide examples of how you have done so in the past.
  • Showcase your proficiency in writing clean, maintainable code, and your experience with treating security as an engineering problem to be solved with software, not just policies.
  • Be prepared to discuss your experience with security testing frameworks and tools, and how you have used them to identify and remediate vulnerabilities in previous roles.
  • Tip: Research Airtable's platform and products, and be prepared to discuss how you can contribute to the long-term roadmaps, metrics, and strategic planning for the security team.
  • Be prepared to provide examples of how you have mentored other engineers to raise the technical security bar across an organization, and how you have led complex threat modeling sessions for major product launches.

This is a remote position listed on WFA Digital, the platform for professionals who work from anywhere. Browse more remote jobs across all categories.