Senior Product Security Analyst

5 days, 17 hours ago
Omilia

Omilia is a global leader in Conversational AI, offering AI-based self-service solutions for enhanced customer care fulfillment and success.

IT Services
251-1K
Founded 2002
$20M raised

Description

  • Own end-to-end security reviews for assigned products and services from design through release.
  • Lead architecture reviews, threat modeling, and secure design validation for APIs, microservices, and SaaS platforms.
  • Independently assess security risk and make release recommendations, including approving, delaying, or blocking releases when necessary.
  • Provide risk-based security guidance to engineering teams with clear context on impact, exploitability, and remediation priorities.
  • Own vulnerability triage and prioritization for assigned products and translate testing results into actionable remediation guidance.
  • Interpret findings from SAST, DAST, SCA, and manual reviews to support effective remediation.
  • Monitor external threats, attack techniques, and vulnerability trends and evaluate their relevance to products and platforms.
  • Support investigation and remediation of product- and application-related security incidents.
  • Partner with engineering, platform, and cloud teams to embed secure-by-design practices into the SDLC and strengthen application-layer controls.
  • Support penetration tests, bug bounty efforts, third-party assessments, audit evidence collection, and alignment with security and compliance frameworks such as PCI DSS and GDPR.

Requirements

  • 5+ years of experience in application security, product security, or a closely related domain.
  • Strong practical understanding of secure SDLC, OWASP Top 10, threat modeling, vulnerability management, and security risk assessment.
  • Demonstrated experience owning end-to-end security reviews for applications or products, including release decision support.
  • Hands-on familiarity with SAST, DAST, and SCA, with the ability to interpret findings and assess real-world risk.
  • Experience with cloud-native SaaS environments, preferably AWS, including API-driven and microservice-based architectures.
  • Working knowledge of PCI DSS and GDPR, with experience translating security and compliance requirements into engineering practices.
  • Ability to apply independent technical and risk judgment, including challenging assumptions and driving remediation.
  • Strong communication skills for working with both engineers and business stakeholders, plus strong verbal and written English skills.
  • Experience working in agile or iterative development environments and collaborating across distributed teams and time zones.
  • Bachelor’s or Master’s degree in Computer Science, Information Security, or a related technical field is a nice to have.
  • Relevant certifications such as CCSP, CSSLP, AWS Certified Security, or AWS Solutions Architect are a nice to have.
  • Experience with manual application security testing, secure design reviews, or API security analysis is a nice to have.
  • Exposure to customer-facing SaaS platforms with regulatory or data protection requirements is a nice to have.
  • Familiarity with AI-enabled or data-intensive systems and emerging application security and privacy considerations is a nice to have.
  • Experience contributing to security standards, review patterns, or guardrails across multiple teams or products is a nice to have.
  • Background in fast-scaling organizations that are maturing security and compliance practices is a nice to have.

Benefits

  • Fixed compensation.
  • Long-term employment with vacation days.
  • Professional development support, including courses and training.
  • Opportunity to work on cutting-edge technology products with global impact in the service industry.
  • Collegial, fun-to-work-with teammates.
  • Apple gear provided.
  • Equal opportunity employer with a diverse and inclusive workplace.


