creditkarma

Senior Product Security Engineer

At a Glance

Location: United States
Experience: 6+ years
Posted: 2026-02-11T13:50:01-05:00

Key Requirements

Required Skills

  • CI/CD
  • Java
  • Python
  • Rust
  • Scala
  • TypeScript

Certifications

  • ISO

Domain Knowledge

  • Automation
  • Regulatory

Requirements

6+ years in product/application security in large-scale systems.

Demonstrated experience building or operationalizing security tooling (CI/CD integrations, scanners, policy engines, security automation, detection/monitoring).

Strong foundation in security architecture, design reviews, and threat modeling for modern cloud-native systems.

Practical understanding of AI/ML systems and workflows: model development lifecycle, model registry/deployments, evals, vector databases/RAG, and agent frameworks.

Deep familiarity with common software vulnerabilities (OWASP Top 10) and modern cloud threats; strong ability to communicate risk to engineers.

Ability to collaborate with software engineers and ML engineers—meeting business goals while enforcing security requirements.

Compensation & Benefits

Medical and Dental Coverage

Retirement Plan

Commuter Benefits

Wellness perks

Paid Time Off (Vacation, Sick, Baby Bonding, Cultural Observance, & More)

Education Perks

Responsibilities

Lead security architecture reviews and threat modeling across apps/APIs/cloud and AI/ML systems (agents, MCP servers, tool integrations, orchestration).

Implement security controls across the SDLC and AI lifecycle.

Build “secure-by-default” automation and guardrails (policy-as-code, CI/CD gates, least privilege/sandboxing, provenance verification).

Own and mature SAST/DAST/SCA and vuln management: tool tuning, pipeline integration, triage, remediation workflows, metrics/SLAs.

Evaluate and integrate OSS/vendor AppSec and AI security tooling (scanning, secrets, prompt safety, agent runtime monitoring, data leakage controls).

Deliver reusable secure patterns/SDKs and partner with platform teams on runtime hardening (IAM, secrets, Kubernetes, logging/monitoring, isolation).