Product Security Engineer

About This RoleAI processing…

Key Responsibilities

• 1
  Develop self-service security frameworks and "paved roads" that allow engineering teams to ship secure code by default.
• 2
  Focus on automated guardrails for common vulnerabilities, while prioritizing deep-dive design reviews into complex business logic and data isolation issues (for example, multi-tenant isolation and authorization/permission bypasses) that automated tools cannot catch.
• 3
  Partner with product and engineering teams to review designs early, contribute to threat modeling for new features and complex initiatives, and provide clear, actionable security guidance.
• 4
  Research emerging threats and evolving best practices, specifically regarding AI and LLM safety, and implement controls to secure these workflows.
• 5
  Manage and evolve our approach to external penetration testing and bug bounties, driving remediation for findings and treating vulnerability management as an engineering problem.
• 6
  Contribute to the long-term roadmaps, metrics, and strategic planning for the security team.
• 7
  (Senior/Staff L5+) Lead complex threat modeling sessions for major product launches and define secure coding standards, and actively mentor other engineers to raise the technical security bar across the organization.

Requirements

• 4+ years of experience in product security or application security, with experience shipping production code. Please note this is not an early career position.
• You have a strong background in computer science or a related field, with proficiency in writing clean, maintainable code.
• You have deep familiarity with JavaScript or TypeScript, Node.js, and modern web application frameworks, and can reason about the security implications of systems built on them.
• You have hands-on experience securing LLM integrations and identifying prompt injection or data leakage risks.
• You are proficient in writing and reviewing code and treat security as an engineering problem to be solved with software, not just policies.
• You excel at communicating complex security risks to non-security stakeholders and enjoy collaborating cross-functionally to find solutions that balance security with engineering velocity.
• You are comfortable working in a fast-paced environment, navigating ambiguity, continuously learning about emerging threats and technologies, and contributing to long-term security strategy.

Perks & BenefitsTypical for this role