Senior Product Security Engineer

📋 Description

• Perform security architecture assessments across mobile platforms (iOS/Android), backend systems (Java, Python, PHP), data pipelines, and third-party integrations. You will serve as the security consultant that teams consult during the design phase, rather than after.

• Convert threat models and security requirements into actionable guidance that engineers can implement.

• Establish trusted partnerships with product and platform engineering teams.

• Enhance the operational effectiveness of ASPM tooling (Cycode) to integrate SAST, SCA, secret scanning, and container security into clear, actionable insights rather than noise.

• Develop security-as-code frameworks and pre-approved libraries that ensure the secure path is the default choice.

• Streamline the automation of vulnerability triage, deduplication, and routing, allowing the team to focus on critical decision-making instead of repetitive tasks.

• Lead SLA-driven remediation processes with well-defined severity classifications, ownership, and escalation procedures.

• Create metrics that effectively communicate security posture in terms comprehensible to engineering leadership and executives.

• Collaborate on design evaluations for AI-driven features, including model access controls, data boundary enforcement, and authorization for retrieval systems.

• Assist in securing agent workflows, MCP integrations, and shared AI tools as their usage expands across engineering.

• Collaborate with Privacy, Legal, and Data Platform teams on protocols for handling sensitive data, such as real-time location information, family relationships, and data involving minors.

⛳️ Requirements

• Over 5 years of experience in application security, product security, or DevSecOps, with a proven history of implementing controls that gain acceptance, not merely approval.

• Practical experience is essential. You set secure patterns, write code, and produce tools that are viable in production environments. You are a hands-on practitioner, not just an advisor.

• Demonstrated experience in conducting threat models and security architecture reviews across mobile (iOS/Android), cloud (AWS/GCP), and backend services (Java, Python, PHP). You identify design flaws that automated tools may overlook.

• Hands-on experience securing AI/ML systems. You have dealt with prompt pipelines, RAG architectures, model access controls, or agentic workflows and are aware of the trust, authorization, and data boundary issues they create.

• Familiarity with ASPM platforms and security tools: SAST, SCA, secret scanning, and container scanning. You have optimized these tools to yield actionable insights rather than extraneous information.

• Understanding of CI/CD security integration. You have successfully incorporated security into pipelines without hindering developer productivity.

• Strong foundation in secure development practices: OWASP Top 10, OWASP LLM Top 10, secure-by-design principles, and practical guidance for remediation.

• Ability to navigate ambiguity. You thrive in creating initial standards, testing methodologies, and scaling effective solutions rather than waiting for established playbooks.

• Excellent cross-functional communication skills. You articulate risks, trade-offs, and technical decisions clearly across engineering, product, and leadership, ensuring clarity while reshaping risky decisions constructively.

🏝️ Benefits

• Competitive salary and benefits package.

• Comprehensive medical, dental, vision, life, and disability insurance plans fully covered for employees.

• 401(k) plan with a company matching program.

• Mental Wellness Program & Employee Assistance Program (EAP) to support mental health.

• Flexible Paid Time Off (PTO) policy, including 13 company-wide holidays throughout the year.

• Company-wide shutdowns for one week in both winter and summer.

• Opportunities for Learning & Development.

• Provision of equipment, tools, and reimbursement support to maintain a productive remote work environment.

• Complimentary Life360 Platinum Membership for your selected circle.

• Access to free Tile Products.