RemoteLeaf Logo
Log in Sign up

Principal Product Security Engineer

1 month, 1 week ago
United States
Full-time
Lead
Application Security Engineer
Cybersecurity
AWS Carbon Black CI/CD CrowdStrike Databricks GCP GitLab Kubernetes Penetration Testing Python Salesforce Secrets Management Snowflake Terraform
Apply Now
Obsidian Security

Obsidian Security

Obsidian Security is a Southern California-based company at the forefront of cybersecurity, artificial intelligence, and hybrid cloud environments. They offer a comprehensive security solution for businesses, including advanced threat protection, insid...

Internet Software & Services
51-250
Founded 2017
$30M raised
View All Jobs 31

Description

  • Lead and evolve the product security program, including standards, runbooks, technical documentation, and operational practices.
  • Provide technical leadership, mentorship, and secure design guidance to security and engineering teams.
  • Drive security architecture reviews, threat modeling, secure coding practices, and scalable security design reviews.
  • Integrate security throughout the SDLC through code review, SAST/DAST, fuzzing, SBOMs, dependency scanning, and CI/CD security controls.
  • Partner with infrastructure teams to harden AWS, GCP, Kubernetes, GitLab, Terraform, data pipelines, secrets management, and service-to-service access controls.
  • Improve security automation, monitoring, metrics, dashboards, and reporting.
  • Lead technical response for product security incidents, vulnerability remediation, penetration testing, and red team findings.
  • Support customer and prospect security reviews as a senior technical security expert.

Requirements

  • 10+ years of product security and/or engineering experience in cloud-native environments.
  • Experience in cybersecurity, financial services, or another high-security industry is ideal.
  • Strong software engineering skills, especially in Python.
  • Hands-on expertise with Terraform, Kubernetes, AWS, GCP, GitLab, security automation, and security metrics.
  • Deep knowledge of application security, cloud security, detection and response, vulnerability management, and secure SDLC practices.
  • Experience partnering with engineering, product, IT, GRC, and external stakeholders during security reviews and incidents.
  • Strong communication skills with the ability to influence, educate, and raise security maturity across the company.
  • A mission-driven, ownership-oriented mindset and the ability to thrive in a dynamic startup environment.

Benefits

  • Competitive compensation with equity and 401(k).
  • Comprehensive healthcare with dental and vision coverage.
  • Flexible paid time off and paid holiday time off.
  • 12 weeks of new parent or family leave.
  • Personal and professional development resources.
  • Annual conference budget.
  • Opportunity to publish research, share non-proprietary code, and present at conferences.
  • Base salary range of $260,000 to $300,000 USD, plus potential equity awards and possible commission or incentive compensation.

Interested in this position?

Apply directly on the company website

Apply Now

Similar Roles

Nebius

Application Security Engineer

Nebius 51-250 Internet Software & Services

Nebius is hiring an Application Security Engineer to help secure its AI cloud platform by identifying vulnerabilities, improving secure development practices, and supporting application security across the software lifecycle.

United Kingdom Europe Netherlands Czech Republic Germany Full-time Mid Level Application Security Engineer
$81k-$259k
Burp Suite Cybersecurity Go Java JavaScript Linux OpenID Connect Penetration Testing Python SAML
9 hours, 16 minutes ago
GuidePoint Security

Senior Application Security Engineer - Southeast region (Remote)

GuidePoint Security 251-1K Internet Software & Services

GuidePoint Security is hiring a senior Application Security consultant to help client organizations strengthen and operationalize their AppSec programs through a mix of advisory work, hands-on engineering, and executive-level guidance.

United States Full-time Senior Application Security Engineer
AWS Azure CI/CD DevSecOps GCP Kubernetes Secrets Management
9 hours, 46 minutes ago
Spotify

Security Engineer- Product Security

Spotify Media

Spotify is hiring a Security Engineer for Product Security to secure its platform, infrastructure, and engineering initiatives for hundreds of millions of users across London or Stockholm.

United Kingdom Sweden Full-time Mid Level Application Security Engineer
Agile C++ CI/CD Encryption Generative AI Java Python Scala TypeScript
10 hours, 1 minute ago
MLabs

Product Security Engineer

MLabs 11-50 Internet Software & Services

MLabs is hiring a Product Security Engineer to secure an enterprise-grade open-source proof-of-stake blockchain platform as it scales across protocol upgrades, EVM-compatible services, and cross-chain infrastructure.

Singapore United Kingdom Switzerland Germany Hong Kong Full-time Senior Application Security Engineer
$75k-$85k
Blockchain CI/CD Encryption gRPC Java Rust
10 hours, 16 minutes ago

You're on a roll! Sign up now to keep applying.

Sign Up

Already have an account? Log in

Used by 14,729+ remote workers