Product Security Engineer

LatticeLattice·Remote(Remote - US)
Software Development

WFA Digital Insight

As the demand for digital skills continues to rise, companies like Lattice are seeking skilled professionals to protect their products from security threats. With a 25% increase in cybersecurity breaches in the past year, the need for experienced Product Security Engineers has never been more pressing. Lattice stands out for its commitment to innovation and security, making this role an exciting opportunity for those passionate about secure coding practices and collaboration. Before applying, candidates should be aware of the latest security trends and technologies, such as AI/LLM security and cloud security, to succeed in this role.

Job Description

About the Role

As a Product Security Engineer at Lattice, you will play a critical role in ensuring the security and integrity of our products. You will work closely with our engineering teams to identify and mitigate security risks, implement secure coding practices, and contribute to the development of our security protocols. Our engineering team values collaboration, innovation, and customer satisfaction, and we are looking for a skilled and dedicated professional to join our team.

Our Product Security team is responsible for partnering with engineering teams to ensure that our products are secure by design and resilient in production. We are committed to providing a secure and trustworthy experience for our customers, and we are seeking a talented Product Security Engineer to help us achieve this goal.

In this role, you will have the opportunity to work on a wide range of security-related projects, from identifying and remediating security issues to developing and implementing security protocols and procedures. You will also have the chance to collaborate with our engineering teams to ensure that security is integrated into every aspect of our product development lifecycle.

What You Will Do

  • Partner with engineers to identify, triage, and remediate security issues in product features and services
  • Participate in security reviews and threat modeling for new features and systems
  • Perform security-focused code reviews and help identify common vulnerabilities
  • Contribute to secure-by-default patterns, libraries, and tooling in our TypeScript-based stack
  • Help implement and operate security tooling (SAST, DAST, dependency scanning, etc.)
  • Support vulnerability management workflows, including internal findings and bug bounty reports
  • Assist in investigating security issues and assessing risk and impact
  • Collaborate with platform and infrastructure teams to improve application and cloud security posture
  • Contribute to improving security practices in AWS-based environments
  • Assist in identifying and mitigating risks in AI/LLM-powered features, including prompt injection, data leakage, and unsafe output handling
  • Apply emerging best practices (OWASP Top 10 for LLM Applications) to real product use cases

What We Are Looking For

  • 1-3+ years of experience in product security, application security, or software engineering
  • Experience writing and maintaining code in JavaScript/TypeScript (or similar languages like Python or Ruby)
  • Familiarity with common web and API vulnerabilities (e.g., OWASP Top 10)
  • Exposure to security testing tools (SAST, DAST, dependency scanning, etc.)
  • Experience working in or with cloud environments (AWS or similar)
  • Ability to identify common security risks and suggest practical mitigations
  • Understanding of secure coding practices and basic security controls
  • Interest in how security decisions impact real-world product systems
  • Strong communication skills and ability to work closely with engineering teams
  • Willingness to ask questions, learn quickly, and take ownership of well-scoped problems

Nice to Have

  • Experience with modern web architectures (Next.js, NestJS, GraphQL)
  • Familiarity with containerization or Kubernetes
  • Experience or interest in AI/LLM security, including prompt injection, data leakage, and unsafe output handling
  • Experience with security frameworks and protocols (e.g., OAuth, JWT)

Benefits and Perks

  • Competitive salary and equity package
  • Comprehensive health, dental, and vision insurance
  • Flexible paid time off and holidays
  • Remote work stipend and home office setup assistance
  • Professional development opportunities and conference sponsorships
  • Access to cutting-edge security tools and technologies
  • Collaborative and dynamic work environment with a team of experienced professionals

How to Stand Out

  • To stand out in this role, highlight your experience with secure coding practices, security testing tools, and cloud security.
  • Make sure to review the OWASP Top 10 and familiarize yourself with common web and API vulnerabilities.
  • Prepare to discuss your experience with security protocols and procedures, such as vulnerability management and threat modeling.
  • Showcase your ability to communicate complex security concepts to non-technical stakeholders.
  • Be prepared to provide examples of your experience with AI/LLM security and cloud security.
  • Research Lattice's products and services to understand their security needs and challenges.
  • Consider creating a portfolio of your security-related projects and certifications to demonstrate your expertise.

This is a remote position listed on WFA Digital, the platform for professionals who work from anywhere. Browse more remote jobs across all categories.