RemoteLeaf Logo
Log in Sign up

Senior Product Security Analyst

2 hours, 51 minutes ago
United States, Canada, United Kingdom
Full-time
Senior
Application Security Engineer
Cybersecurity
Agile AWS Microservices Penetration Testing
Apply Now
Omilia

Omilia

Omilia is a global leader in Conversational AI, offering AI-based self-service solutions for enhanced customer care fulfillment and success.

IT Services
251-1K
Founded 2002
$20M raised
View All Jobs 4

Description

  • Own end-to-end security reviews for assigned products and services from design through release.
  • Lead architecture reviews, threat modeling, and secure design validation for APIs, microservices, and SaaS platforms.
  • Independently assess security risk and make release recommendations, including approving, delaying, or blocking releases when necessary.
  • Provide risk-based security guidance to engineering teams with clear context on impact, exploitability, and remediation priorities.
  • Own vulnerability triage and prioritization for assigned products and translate testing results into actionable remediation guidance.
  • Interpret findings from SAST, DAST, SCA, and manual reviews to support effective remediation.
  • Monitor external threats, attack techniques, and vulnerability trends and evaluate their relevance to products and platforms.
  • Support investigation and remediation of product- and application-related security incidents.
  • Partner with engineering, platform, and cloud teams to embed secure-by-design practices into the SDLC and strengthen application-layer controls.
  • Support penetration tests, bug bounty efforts, third-party assessments, audit evidence collection, and alignment with security and compliance frameworks such as PCI DSS and GDPR.

Requirements

  • 5+ years of experience in application security, product security, or a closely related domain.
  • Strong practical understanding of secure SDLC, OWASP Top 10, threat modeling, vulnerability management, and security risk assessment.
  • Demonstrated experience owning end-to-end security reviews for applications or products, including release decision support.
  • Hands-on familiarity with SAST, DAST, and SCA, with the ability to interpret findings and assess real-world risk.
  • Experience with cloud-native SaaS environments, preferably AWS, including API-driven and microservice-based architectures.
  • Working knowledge of PCI DSS and GDPR, with experience translating security and compliance requirements into engineering practices.
  • Ability to apply independent technical and risk judgment, including challenging assumptions and driving remediation.
  • Strong communication skills for working with both engineers and business stakeholders, plus strong verbal and written English skills.
  • Experience working in agile or iterative development environments and collaborating across distributed teams and time zones.
  • Bachelor’s or Master’s degree in Computer Science, Information Security, or a related technical field is a nice to have.
  • Relevant certifications such as CCSP, CSSLP, AWS Certified Security, or AWS Solutions Architect are a nice to have.
  • Experience with manual application security testing, secure design reviews, or API security analysis is a nice to have.
  • Exposure to customer-facing SaaS platforms with regulatory or data protection requirements is a nice to have.
  • Familiarity with AI-enabled or data-intensive systems and emerging application security and privacy considerations is a nice to have.
  • Experience contributing to security standards, review patterns, or guardrails across multiple teams or products is a nice to have.
  • Background in fast-scaling organizations that are maturing security and compliance practices is a nice to have.

Benefits

  • Fixed compensation.
  • Long-term employment with vacation days.
  • Professional development support, including courses and training.
  • Opportunity to work on cutting-edge technology products with global impact in the service industry.
  • Collegial, fun-to-work-with teammates.
  • Apple gear provided.
  • Equal opportunity employer with a diverse and inclusive workplace.

Interested in this position?

Apply directly on the company website

Apply Now

Similar Roles

Brex

Application Security Engineer

Brex 1K-5K Diversified Financial Services

Brex is hiring an Application Security Engineer to help secure its finance platform by finding and responding to vulnerabilities, supporting secure development, and contributing to AI security efforts across cross-functional teams.

Anywhere Full-time Mid Level Application Security Engineer
$152k-$190k
AWS GraphQL gRPC Kotlin Kubernetes Penetration Testing Python
4 hours, 36 minutes ago
ESG News

Senior Cyber Engineer

ESG News 11-50 Internet Software & Services

The Financial Times is hiring a Senior Cyber Security Engineer to strengthen application and cloud security across its AWS-hosted, cloud-native technology estate.

United Kingdom Full-time Senior Application Security Engineer Security Engineer
Agile AWS CI/CD CloudFormation GitHub Python Scrum SIEM Splunk Terraform
17 hours, 48 minutes ago
Greenlight

Senior Staff Product Security Engineer

Greenlight 251-1K Capital Markets

Greenlight is hiring a Senior Staff Product Security Engineer to define and drive the product security strategy for its family fintech platform and help protect customer financial, location, and personal data across the engineering organization.

United States Full-time Lead Application Security Engineer
$180k-$240k
Android AWS Burp Suite DynamoDB GCP Helm iOS Java Kotlin Kubernetes Microservices MySQL Node.js Penetration Testing Rancher React Redis Swift SwiftUI
18 hours, 42 minutes ago
Wellhub

Director Security Engineer | DevSecOps

Wellhub 1-10 Gas Utilities

Wellhub is hiring a Director of Security Engineering in Brazil to lead application security, DevSecOps, and security engineering for its global subscription platform across 10 product verticals.

Brazil Full-time Lead Application Security Engineer DevOps Engineer
API Gateway AWS Burp Suite CI/CD Elasticsearch GCP Go Java JavaScript Kubernetes Microservices Prisma Python Secrets Management Sentinel SIEM SonarQube Splunk
18 hours, 48 minutes ago

You're on a roll! Sign up now to keep applying.

Sign Up

Already have an account? Log in

Used by 14,729+ remote workers