Staff Product Security Engineer

This position is posted by Jobgether on behalf of a partner company. We are currently looking for a Staff Product Security Engineer in the United States.

This role provides an exciting opportunity to shape and secure cutting-edge digital products, partnering with engineering and product teams throughout the development lifecycle. You will conduct threat modeling, architecture reviews, and code analysis to ensure robust security standards are embedded in product design and implementation. The position emphasizes proactive identification of vulnerabilities, automation of security processes, and mentoring teams to adopt secure development practices. You will work on complex, distributed systems and contribute to building scalable, secure cloud-based services. The role is fully remote, offering flexibility while maintaining strong collaboration with cross-functional teams. Impactful, high-visibility projects will allow you to influence product strategy and security posture across the organization.

• Partner with product teams to integrate security throughout the product development lifecycle
• Conduct threat modeling, architecture reviews, and risk assessments to identify and mitigate potential vulnerabilities
• Analyze source code and provide guidance for secure implementation of software solutions
• Automate security processes where possible to increase efficiency and reduce risk
• Develop security-focused test cases and enforce security requirements across projects
• Decompose large, cross-team projects into actionable tasks and manage delivery to completion
• Advise teams on emerging security risks, authentication standards, and regulatory requirements
• Mentor peers on security best practices and influence organizational adoption of security standards

Requirements:

• Deep understanding of web application architecture and design principles
• Experience developing cloud-based services using Python, Kotlin, Java, AWS, or Azure
• Knowledge of common security vulnerabilities and mitigations (OWASP, SANS, etc.)
• Experience conducting threat models for complex, distributed systems
• Familiarity with authentication mechanisms including SAML and OAuth2
• Understanding of continuous integration and continuous deployment pipelines and tools
• BS degree in a related field or equivalent experience; MS degree is a plus
• Strong analytical, problem-solving, and communication skills
• Experience in regulated environments (PCI or similar) is preferred

Benefits:

• Competitive base salary: $200,000–$275,000 depending on location and experience
• Equity compensation and employee stock purchase plan (ESPP)
• 100% subsidized medical, dental, and vision coverage for you and your dependents
• Generous stipends for technology, wellness, lifestyle, and family-forming expenses
• Flexible remote work with the option to occasionally work in-office if needed
• Paid vacation and holiday schedules to support work-life balance
• Inclusive, collaborative, and high-growth work environment