Product Security Engineer

About The Position

Requirements

• The Translator’s Tongue: Exceptional written and verbal communication skills. You must be able to translate complex engineering realities into clear, reassuring language for customers, and conversely, translate rigid compliance requirements into pragmatic tasks for engineers.
• 2 years experience in Risk & Compliance: A solid grasp of information security principles (CIA Triad), common frameworks (NIST, SOC2, ISO 27001), and the ability to distinguish between a theoretical vulnerability and a business risk.
• The Automator’s Instinct: Familiarity with scripting languages (Python preferred) and a refusal to perform the same manual task endlessly. You see a spreadsheet and immediately wonder how to turn it into a script.
• Technical Curiosity: A foundational understanding of modern infrastructure—Cloud (AWS/Azure/GCP), Containers (Kubernetes), and Networking—and a burning desire to learn how to secure them.
• Problem-Solving Agility: The ability to navigate ambiguity. When faced with a complex customer question or a vague audit requirement, you dig for the truth rather than waiting for an answer.
• A "Secure by Design" Mindset: Familiarity with the Software Development Life Cycle (SDLC) and an interest in how security tools (SAST/DAST) integrate into CI/CD pipelines.
• Emerging Tech Awareness: An interest in AI/ML security and the evolving landscape of threats (OWASP Top 10 for LLMs), viewing them as the next frontier to conquer.
• Bachelor’s degree in Computer Science, Engineering, Information Security, or a related field
• Current or recent graduate student pursuing a Master’s degree in Computer Science, Engineering, Information Security, or a related field

Responsibilities

• Own the Trust Narrative: Manage and respond to customer security inquiries (RFIs/RFPs) and questionnaires, serving as the primary translator of our security controls to the outside world.
• Drive Audit Readiness: Orchestrate the gathering of evidence and artifacts for external audits and internal compliance reviews, ensuring our adherence to regulatory frameworks.
• Manage Product Risk: Actively identify, track, and help triage product security risks, working with engineering teams to translate complex findings into pragmatic remediation plans.
• Automate Assurance: Analyze repetitive inquiries and manual compliance tasks to design and build automation (using Python or similar tools) that streamlines the assurance workflow.
• Bridge to Engineering: Leverage your deep understanding of our control environment to participate in threat modeling and design reviews for new features, including cloud-native and AI-driven architectures.
• Build Security Controls: Transition from identifying risks to preventing them by helping to plan and implement effective security guardrails and automated checks in the CI/CD pipeline.
• Enable the Organization: Create and maintain dynamic security documentation and training materials that empower engineering teams to build securely by design.
• Become a Cloud and Application Security Expert: Gain hands-on experience across a modern, cloud-native environment—Kubernetes, AWS, GCP, Azure, and CNAPP platforms—while learning deeply about how Infoblox products work.

Benefits

• Comprehensive health coverage, generous PTO, and flexible work options
• Learning opportunities, career-mobility programs, and leadership workshops
• Sixteen paid volunteer hours each year, global employee resource groups, and a “No Jerks” policy that keeps collaboration healthy
• Modern offices with EV charging, healthy snacks (and the occasional cupcake), plus hackathons, game nights, and culture celebrations
• Charitable Giving Program supported by Company Match