Senior Product Security Engineer

About the Role

Day-to-day, you will be focused on building and scaling robust security programs, using AI and automation as force multipliers to drive security tooling, guardrails, and review processes. Your expertise in cloud security, secure containerized environments, and modern programming languages will be essential in this role.

What You Will Do

• Partner with product and engineering teams to integrate security throughout the development lifecycle
• Leverage AI and automation to scale product security coverage and match the pace of AI-assisted development
• Design and implement security controls and architecture that scale with the growing product portfolio
• Conduct comprehensive security reviews and threat modeling to identify and mitigate potential vulnerabilities
• Contribute to the vulnerability management program, including triaging bug bounty and vulnerability disclosure reports
• Develop and implement automated security testing, monitoring, and response capabilities
• Serve as an incident responder during security events and lead post-incident reviews
• Champion security awareness and provide technical guidance to engineering teams
• Collaborate with cross-functional teams to drive security initiatives and ensure compliance with industry standards

What We Are Looking For

• 8+ years of experience in application or product security roles
• Demonstrated expertise in securing cloud-native applications and modern application security principles
• Experience leveraging AI and automation to scale security programs
• Strong understanding of cloud security, secure containerized environments, and modern programming languages
• Proficiency in Ruby, TypeScript, and/or Rust is highly desirable
• Experience with security testing methodologies and tools, including SAST, DAST, and SCA
• Strong incident response skills and experience participating in on-call rotations
• Excellent communication skills and ability to communicate complex security concepts to engineering teams

Nice to Have

• Experience with CI/CD security integration and DevSecOps practices
• Knowledge of security frameworks and compliance standards, such as OWASP and NIST
• Familiarity with cloud security platforms, including AWS
• Certification in security, such as CISSP or CEH

Benefits and Perks

• Competitive salary and benefits package
• Opportunity to work with a growing and innovative company
• Collaborative and dynamic work environment
• Professional development and growth opportunities
• Flexible remote work arrangements
• Access to cutting-edge security tools and technologies

• When applying for this role, be prepared to provide examples of your experience with AI-augmented security and automation, and how you have used these technologies to drive security initiatives.
• Make sure your resume and cover letter highlight your expertise in modern application security principles and cloud security.
• Be prepared to discuss your experience with security testing methodologies and tools, including SAST, DAST, and SCA.
• Showcasing your ability to communicate complex security concepts to engineering teams will be essential in this role, so be prepared to provide examples of your communication skills.
• Research the company's values and mission, and be prepared to discuss how your skills and experience align with these values.
• Consider creating a portfolio or repository of your security projects and tools to demonstrate your expertise and showcase your work to potential employers.