Bugcrowd

Bugcrowd provides a crowdsourced cybersecurity platform that connects organizations with elite security researchers to enhance security measures through managed bug bounty programs, penetration testing, and vulnerability disclosure initiatives.

Internet Software & Services
1K-5K
Founded 2012
$79M raised

Description

  • Lead, grow, and mentor a geographically distributed team of product security engineers.
  • Set strategy and drive execution for application security, platform security, and FedRAMP programs.
  • Own and evolve the secure development lifecycle, including shift-left security initiatives.
  • Drive architecture reviews, threat modeling, SAST, DAST, continuous end-to-end testing, and advanced fuzzing efforts.
  • Design and launch a Security Foundations program focused on secure-by-default engineering.
  • Develop paved roads and developer guardrails to reduce classes of vulnerabilities across the engineering organization.
  • Own the security roadmap and day-to-day operations of the FedRAMP program.
  • Build strong partnerships with software engineering, DevOps, product management, and operations teams.
  • Drive sustained improvement across complex projects spanning multiple teams and business units.

Requirements

  • 7+ years of experience in cybersecurity with a focus on Product Security, Application Security, or Platform Security.
  • 2+ years of experience directly managing and mentoring security engineers.
  • Demonstrated experience managing complex projects and driving sustained improvement across multiple teams.
  • Excellent communication skills and proven ability to collaborate with engineering, DevOps, product, and operations teams.
  • Deep hands-on experience integrating security into modern CI/CD pipelines.
  • Strong proficiency in threat modeling, architecture reviews, and automated security testing, including SAST, DAST, SCA, and fuzzing.
  • Fluency in one or more modern programming languages such as Python, Go, Ruby, or Java.
  • Strong understanding of cloud-native architectures on AWS, GCP, or Azure.
  • Experience with Kubernetes, Docker, Linux, and Infrastructure as Code such as Terraform.
  • Practical experience supporting compliance requirements such as FedRAMP (preferred), PCI, SOC2, ISO27001, or NIST 800-53.
  • Preferred experience managing, triaging, or participating in bug bounty programs.
  • Preferred background building secure-by-default internal libraries or paved roads.
  • Preferred experience at a fast-paced, high-growth security or SaaS company.

Benefits

  • Base salary range of $176,000 to $242,000.
  • Eligibility for a discretionary bonus program or commission plan.
  • Opportunity to work for a company backed by General Catalyst, Rally Ventures, Costanoa Ventures, and others.
  • Commitment to a collaborative, inclusive workplace culture.
  • Reasonable accommodations provided for candidates and employees with disabilities.
  • Background check process includes standard employment and education verification for applicable roles.
