RemoteLeaf Logo
Log in Sign up

Product Security Engineer

1 week ago
United States
Full-time
Mid Level
Application Security Engineer
Cybersecurity
Apache Spark Databricks HIPAA Java JavaScript MLflow Python Scala
Apply Now
Databricks

Databricks

Databricks is the pioneering data intelligence platform, empowering organizations worldwide to solve complex data challenges with AI-driven analytics solutions.

IT Services
1K-5K
Founded 2013
$4450M raised
View All Jobs 30

Description

  • Provide full SDLC security support for new product features across engineering and non-engineering teams.
  • Conduct threat modeling, security design reviews, and manual code reviews for product work.
  • Write exploits and build exploit chains to validate and understand security issues.
  • Support Incident Response and Vulnerability Response efforts when vulnerabilities or product security incidents arise.
  • Review SAST findings to identify false positives and file defects for real security issues.
  • Develop DAST tooling and automation for auto-assessment and defect filing.
  • Maintain and extend the automation framework to support security compliance needs such as FedRAMP, PCI, and HIPAA.
  • Apply risk-based judgment to security decisions rather than relying solely on textbook approaches.
  • Help define and implement security processes that improve product security team productivity and SDLC effectiveness.

Requirements

  • 2-4 years of experience with threat modeling and identifying design problems from data-flow diagrams.
  • Understanding of at least two domains: web security, cloud security, systems security, and applied cryptography.
  • Proficiency in one or more programming languages such as Python, Java, Scala, or JavaScript.
  • Ability to read code and identify security defects.
  • Experience with scripting and automation for exploits.
  • Exploit writing skills are strongly preferred and highly valued.
  • Fuzzing skills are preferred.
  • Ability to work with a global team across the US and EMEA.
  • Experience supporting security review, incident response, or vulnerability response work is beneficial.

Benefits

  • Base salary range of $152,000 to $261,250 USD depending on location zone.
  • Eligibility for annual performance bonus.
  • Equity may be included in the total compensation package.
  • Access to comprehensive employee benefits and perks.
  • Remote work anywhere in the United States.

Interested in this position?

Apply directly on the company website

Apply Now

Similar Roles

Marqeta

Intern - Product Security Engineering

Marqeta 251-1K Diversified Financial Services

Marqeta is hiring a Product Security Engineering Intern for a 12-week summer program to support the security of its products and systems in a flexible, remote-friendly FinTech environment.

United States Internship Entry Level Application Security Engineer
$94k-$110k
AWS CI/CD Cybersecurity DevSecOps Go Java JavaScript Python
47 minutes ago
Affirm

Staff Product Security Engineer

Affirm 1K-5K Diversified Financial Services

Affirm is hiring a Staff Product Security Engineer to partner with product and engineering teams on securing cloud-based products throughout the development lifecycle.

United States Full-time Lead Application Security Engineer
$200k-$275k
AWS Azure CI/CD Java Kotlin OAuth OWASP Python SAML
1 hour, 2 minutes ago
Affirm

Staff Product Security Engineer

Affirm 1K-5K Diversified Financial Services

Affirm is hiring a Staff Product Security Engineer to work with product and engineering teams to improve the security of its consumer financial products across the product development lifecycle.

Canada Full-time Lead Application Security Engineer
$132k-$168k
AWS Azure CI/CD Java Kotlin OAuth OWASP Python SAML
4 hours, 17 minutes ago
GitLab

Director, Product Security Architecture

GitLab 1K-5K Internet Software & Services

GitLab is seeking a Director, Product Security Architecture to lead its Security Architecture function and partner with product and engineering leaders to turn product security risks into scalable guidance, standards, and risk-reduction programs.

Europe United States Canada Full-time Lead Application Security Engineer Software Architect
$206k-$290k
CI/CD DevSecOps Microservices
5 hours, 17 minutes ago

You're on a roll! Sign up now to keep applying.

Sign Up

Already have an account? Log in

Used by 14,729+ remote workers