Senior Staff Software Engineer Product Security

You will be responsible for designing, implementing, and scaling security-focused engineering solutions that enhance platform resilience, compliance, and developer productivity across distributed systems.

• Architect, design, and develop advanced security tooling to automate vulnerability detection and remediation across engineering systems
• Lead security-focused Proof of Concepts (POCs) and evaluate third-party tools to improve security posture and developer efficiency
• Design and implement security features such as encryption, TLS, identity and access management, secrets rotation, and certificate management
• Build automation frameworks for security validation, including compliance and security standards assessment tools
• Investigate and resolve complex security-related system issues, including root cause analysis of critical production incidents
• Author detailed technical design documents, security architectures, and test plans for cross-system initiatives
• Develop integrations for security scanning tools and vulnerability remediation workflows within CI/CD pipelines
• Mentor engineers and contribute to improving team-wide expertise through reviews, documentation, and technical guidance
• Collaborate with cross-functional stakeholders and leadership to align security initiatives with product and engineering goals

Requirements

This role requires extensive experience in software engineering and security architecture, with strong expertise in cloud-native systems, automation, and secure platform design.

• 15+ years of experience in software engineering or security engineering roles, with strong systems design expertise
• Deep experience with Kubernetes (including EKS) and containerized environments such as Docker
• Strong programming skills in languages such as Python, Go, Java, and Bash
• Proven expertise in infrastructure-as-code tools like Terraform and Helm
• Experience building and automating CI/CD pipelines using tools such as Jenkins, GitLab CI/CD, or GitHub Actions
• Strong understanding of cloud security, infrastructure security, and distributed system architectures
• Experience in vulnerability management, CVE remediation automation, and integrating SAST/DAST tools (e.g., Trivy, Aqua Security, Tenable, Fortify)
• Familiarity with security and compliance frameworks such as FedRAMP, SOC 2, or ISO 27001
• Knowledge of secure coding practices and OWASP Top 10 vulnerabilities
• Experience with IAM/IAG systems and enterprise identity security solutions
• Bonus: exposure to post-quantum cryptography, FIPS 140-3, TLS 1.3, or advanced encryption standards
• Strong communication and stakeholder management skills, with ability to influence across distributed teams

Benefits

• Competitive compensation package aligned with senior-level expertise
• Flexible work-from-home policy supporting work-life balance
• Generous paid time off and dedicated unplugged days
• Comprehensive health, wellness, and mental health support programs
• Reimbursement programs for phone and internet expenses
• Access to continuous learning and career development opportunities
• Paid volunteer time to support community initiatives
• Inclusive work culture supported by employee resource groups
• Exposure to cutting-edge cloud security, compliance, and distributed systems challenges