Product Security Engineer

LatticeLattice·Remote(Remote - Canada)
Software Development

WFA Digital Insight

As demand for digital security experts grows, with a 25% increase in 2025, professionals with expertise in product security are in high demand. This role at Lattice offers a unique chance to work on AI-powered security solutions, collaborating closely with engineering teams. With the rise of remote work, companies are looking for skilled security engineers who can navigate complex digital landscapes. Before applying, candidates should be aware of the importance of secure coding practices, cloud security, and the ability to communicate technical risks effectively.

Job Description

About the Role

The Product Security Engineer role at Lattice is a critical position that focuses on ensuring the security and integrity of the company's products and services. As a key member of the Product Security team, you will collaborate closely with engineering teams to identify, triage, and remediate security issues in product features and services. Your expertise will help shape the security posture of Lattice's applications and services, contributing to a secure and resilient product experience for users.

The role is part of a dynamic team that values strong collaboration, maintainable systems, and thoughtful product experiences. As Lattice expands its AI-powered capabilities, security is a top priority, and your contributions will be instrumental in ensuring that security is integrated into every aspect of the product lifecycle.

As a Product Security Engineer, you will be working in a fast-paced environment that requires adaptability, a keen eye for detail, and the ability to communicate complex security concepts to both technical and non-technical stakeholders. Your work will have a direct impact on the security and success of Lattice's products, making this a highly rewarding role for those passionate about security and technology.

What You Will Do

  • Partner with engineers to identify, triage, and remediate security issues in product features and services
  • Participate in security reviews and threat modeling for new features and systems
  • Perform security-focused code reviews and help identify common vulnerabilities
  • Contribute to secure-by-default patterns, libraries, and tooling in our TypeScript-based stack
  • Help implement and operate security tooling (SAST, DAST, dependency scanning, etc.)
  • Support vulnerability management workflows, including internal findings and bug bounty reports
  • Assist in investigating security issues and assessing risk and impact
  • Collaborate with platform and infrastructure teams to improve application and cloud security posture
  • Contribute to improving security practices in AWS-based environments
  • Assist in identifying and mitigating risks in AI/LLM-powered features, including prompt injection, data leakage, and unsafe output handling
  • Apply emerging best practices (OWASP Top 10 for LLM Applications) to real product use cases

What We Are Looking For

  • 1–3+ years of experience in product security, application security, or software engineering
  • Experience writing and maintaining code in JavaScript/TypeScript (or similar languages like Python or Ruby)
  • Familiarity with common web and API vulnerabilities (e.g., OWASP Top 10)
  • Exposure to security testing tools (SAST, DAST, dependency scanning, etc.)
  • Experience working in or with cloud environments (AWS or similar)
  • Ability to identify common security risks and suggest practical mitigations
  • Understanding of secure coding practices and basic security controls
  • Interest in how security decisions impact real-world product systems
  • Strong communication skills and ability to work closely with engineering teams
  • Willingness to ask questions, learn quickly, and take ownership of well-scoped problems

Nice to Have

  • Experience with modern web architectures (Next.js, NestJS, GraphQL)
  • Familiarity with containerization or Kubernetes
  • Experience or interest in AI/LLM security

Benefits and Perks

  • Competitive compensation package
  • Opportunities for professional growth and development in a dynamic and expanding company
  • Collaborative and supportive work environment
  • Flexible remote work arrangements
  • Access to cutting-edge technologies and tools
  • Recognition and rewards for outstanding performance
  • Comprehensive health and wellness programs
  • Generous PTO and holiday policies

How to Stand Out

  • Ensure your resume and cover letter highlight specific examples of security issues you've identified and mitigated in previous roles.
  • Be prepared to discuss your experience with security testing tools and how you've applied them in real-world scenarios.
  • Show a keen interest in AI and cloud security, and be ready to discuss emerging trends and best practices in these areas.
  • Develop a portfolio that showcases your coding skills, particularly in JavaScript/TypeScript, and your ability to contribute to secure-by-default patterns and tooling.
  • During interviews, emphasize your ability to collaborate with engineering teams and communicate complex security concepts to both technical and non-technical stakeholders.
  • When discussing salary, highlight your research on market standards for product security engineers and be prepared to negotiate based on your experience and qualifications.
  • Be wary of roles that do not emphasize security as a core part of their product development process, as this may indicate a lack of commitment to security best practices.

This is a remote position listed on WFA Digital, the platform for professionals who work from anywhere. Browse more remote jobs across all categories.