Senior Product Security Engineer

This is a fully remote position, open to applicants in Germany.

📋 Description

• Your primary objective will be to enhance the security of n8n's products and platform by implementing hands-on security initiatives that assist engineering teams in minimizing risks, ensuring secure deployments, and cultivating a robust security practice from the outset.

• Management and disclosure of vulnerabilities

• Take charge of daily vulnerability intake and triage processes, including overseeing the security inbox and bug bounty submissions.

• Collaborate with engineering teams on remediation efforts and ensure issues are tracked through to resolution with defined priorities and follow-ups.

• Facilitate coordinated disclosures, GitHub Security Advisories, and timely communication with researchers in an organized manner.

• Security tools and technical evaluations

• Manage and enhance security tools throughout the Software Development Life Cycle (SDLC), including scanning, alert triage, and workflow optimization.

• Conduct practical security evaluations, including targeted reviews, validation of findings, and tracking remediation from internal or external assessments.

• Improve visibility into product and platform risks through actionable insights, documentation, and technical recommendations.

• Support for secure product development

• Collaborate with engineers to integrate security into the design, development, and release procedures in practical ways.

• Assist with threat modeling, secure coding guidance, and lightweight security reviews across product and platform sectors.

• Develop clear and useful documentation to help teams comprehend risks and implement secure development practices.

• Security operations and foundational team support

• Aid in the coordination of security incidents by assisting with investigations, tracking, communication, and follow-up actions.

• Contribute to playbooks, runbooks, and internal processes that enhance security preparedness over time.

• Help define the operational framework of the security function as the team expands, alongside the Head of Security and future hires.

⛳️ Requirements

• 🛡️ Experience in product security: You possess over 5 years of experience in product security, application security, or a closely related security engineering role within a SaaS or cloud context.

• 🔍 Skills in vulnerability management: You have practical experience in triaging, validating, and coordinating remediation for security issues.

• 🌐 Knowledge of web application security: You have a solid understanding of prevalent web vulnerabilities and secure development principles.

• 🧰 Experience with security tools: You have worked with security tools such as SAST, DAST, dependency scanning, container scanning, or similar technologies in practice.

• 🤝 Partnership with engineering: You collaborate effectively with product and engineering teams and know how to assist them without causing delays.

• ✍️ Effective communication: You are capable of documenting findings, articulating risks, and communicating clearly with both technical and non-technical stakeholders.

• ⚡ Practical execution: You can prioritize effectively, concentrate on the most significant risks, and make progress in fast-paced environments.

• 🏗️ Builder mindset: You are excited about the prospect of joining a newly established security team and contributing to the growth of the function over time.

🏝️ Benefits

• Competitive compensation 💸 – We offer fair and attractive pay.

• Ownership 💪 – Our core value is to “empower others,” and we mean it—you’ll receive equity in n8n.

• Work/life balance 🏖️ – We work diligently but ensure you have time to recharge:

• Europe: 30 days of vacation, plus public holidays wherever you are.

• US: 20 vacation days, 8 sick days, plus public holidays wherever you are.

• Health & wellness 🩺 –

• Europe: We provide benefits in accordance with local country norms.

• US: Multiple low-premium, low-deductible medical plans with coverage for individuals and families—plus a no-cost premium HDHP option with a pre-seeded HSA—along with dental and vision coverage.

• Future planning 💰 –

• Europe: We provide pension contributions as per local country standards.

• US: 401(k) retirement plan with a 4% employer match.

• Financial security 🛡️ –

• Europe: We provide benefits according to local country norms.

• US: Company-paid short-term and long-term disability insurance, in addition to life insurance to support you and your loved ones.

• Career growth 📈 – We seek rising stars who grow with us! You’ll receive €1K (or equivalent) annually to invest in courses, books, events, or coaching to enhance your skills.

• A passionate team 🤩 – We are enthusiastic about our product, and we demonstrate this through regular hackathons where we see who can create the most innovative project!

• Remote-first 🌏 – Our team operates remotely across Europe, with regular off-sites for team bonding. Some roles, such as sales in the US, are hybrid—please refer to the job description.

• Giving back 🤝 – We are strong advocates of open source, and you'll receive $100 monthly to support projects that matter to you.

• AI enablement 🤖 – We are committed to working smarter—everyone receives an unlimited AI budget to explore and utilize the best tools to enhance productivity and creativity.

• Transparency 🙏 – We ensure that everyone knows what others are working on, along with the company’s performance—the complete picture.

• An ambitious yet kind culture 😍 – Our employees enjoy working here—our eNPS for 2024 is 94!