Staff Product Security Engineer

· Remote

Location

Remote

Type

Full Time

Job Description

SailPointJobs
Staff Product Security Engineer

Staff Product Security Engineer

Posted Yesterday
Be an Early Applicant
Hiring Remotely in United States
Remote or Hybrid
174K-294K Annually
Senior level
Artificial Intelligence • Cloud • Sales • Security • Software • Cybersecurity • Data Privacy
The Role
Lead product security across the SDLC: threat modeling secure architecture vulnerability management security testing and remediation CI/CD/DevSecOps controls AI security integration bug bounty triage developer training and cross-functional security consulting to scale secure-by-design practices.
Summary Generated by Built In

Staff Product Security Engineer 

 

Overview 

SailPoint’s Cybersecurity organization is seeking a Staff Product Security Engineer with a passion for cybersecurity and protecting the organization. The ideal candidate combines strong application security expertise with practical software engineering experience and can effectively influence to build secure resilient products at scale. This position reports to the Director of Cyber Product Security (CPS) and the successful candidate will join a team of security engineers who collaborate with stakeholders across the organization. This role will partner closely with Engineering and the other security teams within the Cyber organization to identify security risks drive remediation efforts and embed security throughout the product development process. 

Central to SailPoint’s product security program is the implementation of a shared security model that impacts all software developed by SailPoint. Under this model CPS is responsible for multiple key areas affecting product security and collaborates with SailPoint's Engineering Product Security (EPS) team on areas of mutual responsibility. The shared responsibility model was developed to shift product security left moving security checks to the earliest phases of our secure software development lifecycle. 

The staff product security engineer will have the opportunity to shape our future through process and technology optimization capability acquisition and development and maturation of our existing activities. They’ll already be comfortable with the 4 I’s at SailPoint (individual Impact Innovation and Integrity) even if they’re new to the concept. They will embrace new challenges and will be a positive contributor to an already positive work culture and environment. 

Location is remote with the ability to work from anywhere within the continental United States. 

 

Key Responsibilities 

  • Partner with Engineering teams throughout the software development lifecycle to identify and mitigate security risks and implement secure deployment practices 

  • Support threat modeling activities and help engineering teams implement appropriate security controls 

  • Define and promote secure coding standards security policies best practices and secure-by-design principles 

  • Participate in the Cyber organization’s efforts to leverage AI across the team as well as the use of AI in our SSDLC. 

  • Partner with Engineering on improving security testing programs 

  • Coordinate internal and external application and penetration testing initiatives 

  • Validate vulnerability findings and prioritize remediation based on risk 

  • Perform root cause analysis and recommend long-term security improvements 

  • Collaborate with the Security Operations team on security monitoring and detection capabilities for applications and services 

  • Triage coordinate and oversee remediation for security researcher disclosures via our bug bounty program 

  • Develop security training guidance and technical documentation 

  • Interact with other organizations at SailPoint as a consultant on security-related matters 

 

Required Qualifications 

Successful candidate will meet most if not all of the following requirements: 

  • 5-7 years of experience in product security application security software engineering or a related field 

  • Experience with security testing tools such as: SAST SCA DAST Container security scanners 

  • Experience with CI/CD security controls and DevSecOps practices 

  • Familiarity with one or more programming languages such as Python Go Java JavaScript/TypeScript Ruby 

  • Demonstrated ability to effectively use AI-powered tools and automation to enhance security engineering productivity research analysis and remediation efforts 

  • Knowledge of emerging AI security risks and best practices for securing AI-enabled applications services and development workflows 

  • Deep expertise in threat modeling secure architecture design and vulnerability management 

  • Experience influencing engineering organizations and driving security initiatives across multiple teams 

  • Knowledge of artificial intelligence software security frameworks is strongly preferred including OWASP AI Security and Privacy Guide NIST AI Risk Management Framework Cybersecurity AI (CAI) Open SSF AI/ML Security Framework. 

 

Core Competencies 

The successful candidate will:  

  • Be a highly active observer of industry security trends and threats remaining up to date on current cyber issues 

  • Have a continuous learning mindset and passion for security 

  • Have strong analytical and problem-solving skills 

  • Be flexible with the ability to balance security vs the needs of the business 

  • Have excellent written and oral communications skills with demonstrated commitment to producing high quality documentation 

  • Be able to translate technical risks into business impact 

  • Be collaborative and able to foster relationships with teams we partner with 

 

First 90 Days: Discovery Strategic Alignment and Partnership

  • Strategic Alignment & Planning Integration: Deepen collaboration with key engineering and tooling leads by Day 90 reinforcing recurring touchpoints to integrate product security proactively into early planning cycles roadmaps and feature designs.

  • SDLC Optimization Assessment: Review the end-to-end Software Development Life Cycle (SDLC) by Day 60 to identify enhancement opportunities accelerate "shift-left" practices and further standardize secure-by-design deployment pipelines.

  • Asset & Dependency Inventory: Refine and centralize the inventory of supported products underlying architecture and third-party dependencies by Day 90 to deliver a highly visible comprehensive single source of truth.

First 6 Months: Advanced Tooling Training and Scalable Frameworks

  • Modernizing Tool Stack & AI Integration (Q3): Evaluate the current security tooling and implement state-of-the-art AI-assisted scanning across product code (utilizing tools like Cursor and Claude Enterprise) to further automate and scale security workflows.

  • Optimized Remediation & Board Metrics (Q4): Implement a highly scalable risk-based vulnerability prioritization framework optimizing Time to Remediate (TTR) metrics to provide clear actionable risk visibility for executive leadership and the Board.

  • Security Champions & Developer Empowerment: Elevate developer security education and launch a formal "Security Champions" program by Day 180 embedding security advocates across core product lines to champion secure development practices.

First 12 Months: Systemic Security Advancements and "Paved Roads"

  • Systemic Architecture Enhancements: Conduct comprehensive reviews of the production environment (including Kubernetes and containerized applications) to systematically address complex architectural security opportunities and build long-term environment resilience.

  • Standardizing "Paved Road" Configurations: Define document and roll out standardized secure "paved road" configurations and guardrails making secure deployment the friction-free path of least resistance for product teams.

  • Program Scaling & Mentorship: Maintain and scale updated product architecture documentation while continuously elevating team capabilities autonomy and cross-functional alignment through active hands-on mentorship.

Benefits and Compensation listed vary based on the location of your employment and the nature of your employment with SailPoint.

As a part of the total compensation package this role may be eligible for the SailPoint Corporate Bonus Plan or a role-specific commission along with potential eligibility for equity participation. SailPoint maintains broad salary ranges for its roles to account for variations in knowledge skills experience market conditions and locations as well as reflect SailPoint’s differing products industries and lines of business. Candidates are typically placed into the range based on the preceding factors as well as internal peer equity. We estimate the base salary for US-based employees will be in this range from (min-mid-max USD):

$174200 - $293702.00

Base salaries for employees based in other locations are competitive for the employee’s home location.

Benefits Overview

1. Health and wellness coverage: Medical dental and vision insurance

2. Disability coverage: Short-term and long-term disability

3. Life protection: Life insurance and Accidental Death & Dismemberment (AD&D)

4. Additional life coverage options: Supplemental life insurance for employees spouses and children

5. Flexible spending accounts for health care and dependent care; limited purpose flexible spending account

6. Financial security: 401(k) Savings and Investment Plan with company matching

7. Time off benefits: Flexible vacation policy

8. Holidays: 8 paid holidays annually

9. Sick leave

10. Parental support: Paid parental leave

11. Employee Assistance Program (EAP) and Care Counselors

12. Voluntary benefits: Legal Assistance Critical Illness Accident Hospital Indemnity and Pet Insurance options

13. Health Savings Account (HSA) with employer contribution

SailPoint is an equal opportunity employer and we welcome all qualified candidates to apply to join our team.  All qualified applicants will receive consideration for employment without regard to race color religion sex sexual orientation gender identity national origin disability protected veteran status or any other category protected by applicable law.  

Alternative methods of applying for employment are available to individuals unable to submit an application through this site because of a disability. Contact [email protected] or mail to 11120 Four Points Dr Suite 100 Austin TX 78726 to discuss reasonable accommodations.  NOTE: Any unsolicited resumes sent by candidates or agencies to this email will not be considered for current openings at SailPoint.

Skills Required

  • 5-7 years of experience in product security application security software engineering or related field
  • Experience with security testing tools such as SAST SCA DAST Container security scanners
  • Experience with CI/CD security controls and DevSecOps practices
  • Familiarity with one or more programming languages such as Python Go Java JavaScript/TypeScript Ruby
  • Demonstrated ability to effectively use AI-powered tools and automation to enhance security engineering productivity
  • Knowledge of emerging AI security risks and best practices for securing AI-enabled applications and workflows
  • Deep expertise in threat modeling secure architecture design and vulnerability management
  • Experience influencing engineering organizations and driving security initiatives across multiple teams
  • Knowledge of AI security frameworks (OWASP AI Security NIST AI RMF CAI OpenSSF AI/ML Security Framework)

SailPoint Compensation & Benefits Highlights

  • Healthcare StrengthMedical dental and vision coverage with HSA/FSA and mental-health support are described including fully covered HDHP premiums in certain plans.
  • Leave & Time Off BreadthFlexible/unlimited PTO paid sick time company holidays volunteer time off and hybrid/remote options are part of the package.
  • Parental & Family SupportGenerous parental leave and family medical leave are highlighted on public benefit listings and roundups.

SailPoint Insights

Am I A Good Fit?
beta
Expert contributor network
Get Personalized Job Insights.
Our AI-powered fit analysis compares your resume with a job listing so you know if your skills & experience align.

The Company
HQ: Austin TX
2461 Employees
Year Founded: 2005

What We Do

At SailPoint we believe enterprise security must start with identity at the foundation. Today’s enterprise runs on a diverse workforce of not just human but also digital identities—and securing them all is critical. Through the lens of identity SailPoint empowers organizations to seamlessly manage and secure access to applications and data at speed and scale. Our unified intelligent and extensible platform delivers identity-first security helping enterprises defend against dynamic threats while driving productivity and transformation. Trusted by many of the world’s most complex organizations SailPoint secures the modern enterprise.

Why Work With Us

Together we’re redefining identity’s place in the security ecosystem. We love taking on new challenges that seem daunting to others. We hold ourselves to the highest standards and deliver upon our promises to our customers. We bring out the best in each other and we’re having a lot of fun doing it.

Gallery

SailPoint Teams

Team
International Culture
Team
Engineering
Team
Professional Services
Team
Sales
About our Teams

SailPoint Offices

Hybrid Workspace

Employees engage in a combination of remote and on-site work.

Typical time on-site: Flexible
HQAustin TX
Amsterdam NL
Coyoacán Ciudad de México
London GB
Pune Maharashtra
Toronto Ontario
Learn more

Similar Jobs

SailPoint

Sales Executive

Artificial Intelligence • Cloud • Sales • Security • Software • Cybersecurity • Data Privacy
Remote or Hybrid
Illinois USA
2461 Employees
109K-184K Annually

SailPoint

Technical Program Manager

Artificial Intelligence • Cloud • Sales • Security • Software • Cybersecurity • Data Privacy
Remote or Hybrid
United States
2461 Employees
98K-165K Annually

SailPoint

Technical Program Manager

Artificial Intelligence • Cloud • Sales • Security • Software • Cybersecurity • Data Privacy
Remote or Hybrid
United States
2461 Employees
122K-206K Annually

SailPoint

Consultant

Artificial Intelligence • Cloud • Sales • Security • Software • Cybersecurity • Data Privacy
Remote or Hybrid
4 Locations
2461 Employees
117K-197K Annually
Apply Now

Date Posted

07/02/2026

Views

0

Back to Job Listings Add To Job List Company Profile View Company Reviews
Neutral
Subjectivity Score: 0
142,000+ Jobs Tracked
12,400+ Companies
1,930 Categories