RemoteLeaf Logo
Log in Sign up

Principal Product Security Engineer

3 weeks, 2 days ago
United States
Full-time
Lead
Application Security Engineer
Cybersecurity
AWS Carbon Black CI/CD CrowdStrike Databricks GCP GitLab Kubernetes Penetration Testing Python Salesforce Secrets Management Snowflake Terraform
Apply Now
Obsidian Security

Obsidian Security

Obsidian Security is a Southern California-based company at the forefront of cybersecurity, artificial intelligence, and hybrid cloud environments. They offer a comprehensive security solution for businesses, including advanced threat protection, insid...

Internet Software & Services
51-250
Founded 2017
$30M raised
View All Jobs 29

Description

  • Lead and evolve the product security program, including standards, runbooks, technical documentation, and operational practices.
  • Provide technical leadership, mentorship, and secure design guidance to security and engineering teams.
  • Drive security architecture reviews, threat modeling, secure coding practices, and scalable security design reviews.
  • Integrate security throughout the SDLC through code review, SAST/DAST, fuzzing, SBOMs, dependency scanning, and CI/CD security controls.
  • Partner with infrastructure teams to harden AWS, GCP, Kubernetes, GitLab, Terraform, data pipelines, secrets management, and service-to-service access controls.
  • Improve security automation, monitoring, metrics, dashboards, and reporting.
  • Lead technical response for product security incidents, vulnerability remediation, penetration testing, and red team findings.
  • Support customer and prospect security reviews as a senior technical security expert.

Requirements

  • 10+ years of product security and/or engineering experience in cloud-native environments.
  • Experience in cybersecurity, financial services, or another high-security industry is ideal.
  • Strong software engineering skills, especially in Python.
  • Hands-on expertise with Terraform, Kubernetes, AWS, GCP, GitLab, security automation, and security metrics.
  • Deep knowledge of application security, cloud security, detection and response, vulnerability management, and secure SDLC practices.
  • Experience partnering with engineering, product, IT, GRC, and external stakeholders during security reviews and incidents.
  • Strong communication skills with the ability to influence, educate, and raise security maturity across the company.
  • A mission-driven, ownership-oriented mindset and the ability to thrive in a dynamic startup environment.

Benefits

  • Competitive compensation with equity and 401(k).
  • Comprehensive healthcare with dental and vision coverage.
  • Flexible paid time off and paid holiday time off.
  • 12 weeks of new parent or family leave.
  • Personal and professional development resources.
  • Annual conference budget.
  • Opportunity to publish research, share non-proprietary code, and present at conferences.
  • Base salary range of $260,000 to $300,000 USD, plus potential equity awards and possible commission or incentive compensation.

Interested in this position?

Apply directly on the company website

Apply Now

Similar Roles

Smartsheet

Senior Security Engineer II, Application Security (Remote Eligible)

Smartsheet 1K-5K Internet Software & Services

Smartsheet is hiring a Senior Security Engineer II to strengthen application security for its global SaaS platform by securing AI-integrated features, expanding security automation, and leading high-impact security reviews.

United States Full-time Senior Application Security Engineer
$175k-$245k
AWS Azure CI/CD GCP GitLab Go Java JavaScript LLM Penetration Testing Python Ruby TypeScript
3 hours, 6 minutes ago
e.l.f. Beauty

Senior Application Security Engineer

e.l.f. Beauty 251-1K Consumer Goods

Senior Application Security Engineer role at a remote marketing and digital commerce company focused on securing applications across the software development lifecycle.

India Full-time Lead Application Security Engineer
Agile AWS Azure CI/CD Cybersecurity DevSecOps GCP HTML JavaScript Penetration Testing Python REST API
1 day ago
Binance

Binance Accelerator Program - Blockchain / Smart Contract Security

Binance 5K-10K Capital Markets

Binance is seeking a Binance Accelerator Program participant to support smart contract and blockchain security work, including audits, vulnerability analysis, and risk detection across Web3 systems.

Asia Hong Kong Taiwan Internship Entry Level Application Security Engineer
Blockchain Git Python VS Code
2 days, 3 hours ago
Evolve Security Academy

Senior Application Security Tester & AI Red Team Subject Matter Expert

Evolve Security Academy 11-50 Internet Software & Services

Evolve Security is seeking a senior offensive security specialist to lead complex web, API, and AI red team engagements while defining the firm’s testing methodology for LLM-enabled and agentic systems.

United States Full-time Senior AI (Artificial Intelligence) Application Security Engineer
Bash GraphQL JavaScript JWT Metasploit Nmap OpenID Connect Penetration Testing Postman PowerShell Python REST API SAML SPA TypeScript
3 days, 13 hours ago

You're on a roll! Sign up now to keep applying.

Sign Up

Already have an account? Log in

Used by 14,729+ remote workers