Bugcrowd

Bugcrowd provides a crowdsourced cybersecurity platform that connects organizations with elite security researchers to enhance security measures through managed bug bounty programs, penetration testing, and vulnerability disclosure initiatives.

Internet Software & Services
1K-5K
Founded 2012
$79M raised

Description

  • Lead, grow, and mentor a geographically distributed team of product security engineers.
  • Set strategy and drive execution for application security, platform security, and FedRAMP programs.
  • Own and evolve the secure development lifecycle, including shift-left security initiatives.
  • Drive architecture reviews, threat modeling, SAST, DAST, continuous end-to-end testing, and advanced fuzzing efforts.
  • Design and launch a Security Foundations program focused on secure-by-default engineering.
  • Develop paved roads and developer guardrails to reduce classes of vulnerabilities across the engineering organization.
  • Own the security roadmap and day-to-day operations of the FedRAMP program.
  • Build strong partnerships with software engineering, DevOps, product management, and operations teams.
  • Drive sustained improvement across complex projects spanning multiple teams and business units.

Requirements

  • 7+ years of experience in cybersecurity with a focus on Product Security, Application Security, or Platform Security.
  • 2+ years of experience directly managing and mentoring security engineers.
  • Demonstrated experience managing complex projects and driving sustained improvement across multiple teams.
  • Excellent communication skills and proven ability to collaborate with engineering, DevOps, product, and operations teams.
  • Deep hands-on experience integrating security into modern CI/CD pipelines.
  • Strong proficiency in threat modeling, architecture reviews, and automated security testing, including SAST, DAST, SCA, and fuzzing.
  • Fluency in one or more modern programming languages such as Python, Go, Ruby, or Java.
  • Strong understanding of cloud-native architectures on AWS, GCP, or Azure.
  • Experience with Kubernetes, Docker, Linux, and Infrastructure as Code such as Terraform.
  • Practical experience supporting compliance requirements such as FedRAMP (preferred), PCI, SOC2, ISO27001, or NIST 800-53.
  • Preferred experience managing, triaging, or participating in bug bounty programs.
  • Preferred background building secure-by-default internal libraries or paved roads.
  • Preferred experience at a fast-paced, high-growth security or SaaS company.

Benefits

  • Base salary range of $176,000 to $242,000.
  • Eligibility for a discretionary bonus program or commission plan.
  • Opportunity to work for a company backed by General Catalyst, Rally Ventures, Costanoa Ventures, and others.
  • Commitment to a collaborative, inclusive workplace culture.
  • Reasonable accommodations provided for candidates and employees with disabilities.
  • Background check process includes standard employment and education verification for applicable roles.
