Security Engineer, Product Security

About The Position

Requirements

• Bachelor’s degree in computer science or related technical field or equivalent practical experience.
• 4+ years of experience with anti-abuse AppSec, threat modeling, and/or secure architecture.
• Understanding of common abuse patterns (e.g., ATO, scraping, spam, fraud, privilege misuse).
• Proficiency in Python, SQL, or a similar language for building detections and data pipelines.
• In-depth knowledge of anti-abuse solutions, cloud, application security, network security, and/or infrastructure security, LLMs.
• Applied knowledge of securing AWS, Azure, and other public cloud providers
• Experience performing source code reviews across various languages (e.g. Java, Go)
• Working knowledge of malware detection and best practices
• Ability to assess engineering designs and architecture diagrams for abuse risks
• Ability to assess abuse risks within an application or feature
• Experience communicating abuse risks and roadmaps to senior leadership
• Experience designing and implementing anti-abuse solutions
• Experience contributing to the security anti-abuse community such as presenting at conferences or meetups.

Responsibilities

• Understand the abuse risks faced by customers.
• Design and deploy the anti-abuse controls for features, including compromised account detections, data exfiltration detections, LLMs, the newest, highest risk, features such as data sharing, and future engineering challenges.
• Work directly with senior engineers and management to illustrate abuse risks, threats, exploits, and to guide business decisions.
• Research, plan, and build anti-abuse architectures for products and features
• Provide designs and reference implementations for new anti-abuse features
• Research new services, controls, or features that can help protect the product and our customers from abuse.