Senior Product Security Engineer

Adobe•San Francisco, CA

4d•$144,800 - $261,450

About The Position

The Adobe Security Engineering Partnerships (SEP) team is seeking a Senior Product Security Engineer to scale security capabilities across our software Supply Chain, Kubernetes deployment environments, and cloud-native systems. We're looking for a candidate that is passionate about securing the software development lifecycle (SDLC), strengthening software supply chain integrity, and embedding security into modern delivery pipelines using automation-first, secure-by- default approaches. You will operate as a security expert, influencing engineering organizations and key stakeholders, designing scalable security solutions, and independently managing risk a cross complex, cloud-native systems.

Requirements

Bachelor’s degree in Computer Science, Engineering, or related field of study.
6+ years of experience in Product Security, Application Security, Cloud Security, or a related field.
Experience threat modeling for CI/CD and cloud-native systems.
Deep expertise in CI/CD systems such as GitHub Actions, Jenkins, GitLab CI, or similar platforms.
Strong experience securing Kubernetes and containerized workloads in cloud-native environments.
Hands-on knowledge of software supply chain security, artifact signing, and open-source risk management.
Experience implementing GitOps workflows and securing infrastructure-as-code (Terraform, CloudFormation, etc.).
Strong programming or scripting ability (e.g., Python, Go, Bash) with experience building automation and security tooling.
Demonstrated ability to identify systemic risks and design scalable, automation-first mitigations.
Strong understanding of Secure SDLC practices and how security solutions reduce risk across large organizations.
Proven ability to influence engineering teams and serve as a technical leader without formal management authority.

Responsibilities

Develop and implement security controls across CI/CD platforms including GitHub workflows, Jenkins, and internal build systems.
Establish secure-by-default pipeline standards covering build isolation, artifact integrity, secrets management, and least-privilege access.
Identify systemic supply chain risks and build scalable mitigations that prevent entire classes of vulnerabilities.
Secure Kubernetes-based platforms across multi-cloud environments.
Define security baselines for clusters, workloads, container runtimes, admission controls, and network segmentation.
Perform security architecture reviews for complex CI/CD, cloud, and Kubernetes environments.
Independently manage security risk by making defensible, risk-based decisions balancing business velocity and security posture.
Recognize capability gaps and design new security solutions that increase coverage and effectiveness across multiple product areas.
Serve as a trusted security advisor and technical lead within your domain.
Establish yourself as a domain expert in CI/CD, supply chain, and cloud security.