Product Security Engineer

About The Position

Requirements

• 2+ years of experience in application security or product security engineering
• Bachelor’s degree in computer science, Cybersecurity, or related technical field
• Strong programming skills in modern languages (Python, Ruby, Java, C#, JavaScript, PowerShell)
• Strong database experience with proficiency in SQL and PostgreSQL
• Deep understanding of web application security (OWASP Top 10, API security)
• Experience with cloud security architectures and containerization (Docker, Kubernetes)
• Experience with server administration across Linux and Windows environments
• Knowledge of security testing tools and methodologies (SAST, DAST, penetration testing)
• Experience applying risk assessment methodologies (DREAD, CVSS) to analyze security findings and establish data-driven remediation priorities
• Understanding of secure software development lifecycle (SSDLC) practices
• Experience with version control systems (Git) and CI/CD pipelines
• Experience with infrastructure automation using Ansible
• Demonstrated ability to communicate technical security concepts to diverse stakeholders and influence remediation efforts
• Self-motivated with ability to work independently and drive security initiatives to completion
• Experience collaborating with development teams to implement security fixes

Nice To Haves

• Professional certifications (SAA-C03, PJPT, CSSLP, CEH, OSCP, AZ-400, AWS DevOps, or equivalent)
• Experience with AI/ML security, including model security and adversarial attacks
• Knowledge of financial services security requirements and data protection
• Experience with infrastructure-as-code tools (Terraform, CloudFormation)
• Background in threat modeling frameworks (STRIDE, PASTA, OCTAVE)
• Experience with security orchestration and automation platforms

Responsibilities

• Participate in security architecture reviews and threat modeling for new features and systems
• Perform code reviews with focus on security vulnerabilities and best practices
• Design and implement security controls for cloud infrastructure (AWS, Azure, GCP)
• Participate in security assessments of AI/ML systems, including Agentic AI implementations
• Contribute to secure coding guidelines and security testing frameworks
• Integrate security tools into CI/CD pipelines (SAST, DAST, dependency scanning)
• Collaborate with DevOps team on infrastructure-as-code security practices
• Investigate and remediate security vulnerabilities across the technology stack
• Create security documentation for development teams and architectural decisions
• Support penetration testing activities and coordinate remediation efforts
• Research emerging threats and security technologies, particularly in AI/ML space

Benefits

• A fun, fast-paced work environment
• Responsible PTO Plan that meets or exceeds state and local medical and family leave laws
• 11 paid holidays
• Community and social events to keep you connected and engaged
• Mental Health Benefits
• Medical, Dental and Vision insurance
• Company-paid Group Life Insurance, Short- and Long-Term Disability
• Flexible Spending Account & Health Savings Account
• Aflac Benefits – Critical Illness, Cancer Protection, & Hospital Choice
• Pet Insurance
• 401 (k) with company match with eligibility on Day 1 of employment
• 2 Paid Volunteer Time Off Days
• And much more!