Product Security Engineer

2 hours, 49 minutes ago
Full-time
Mid Level
Cybersecurity
ShopBack

ShopBack is Asia Pacific’s top shopping platform, offering cashback, discounts, and PayLater services to over 38 million users across ten markets. Shop smarter, save more, and earn rewards with ShopBack! 🛍️💰

IT Services
1K-5K
Founded 2014

Description

  • Lead threat modeling and secure design reviews for new products, features, and architectural changes.
  • Conduct secure code reviews and vulnerability analysis across microservices, APIs, web applications, and mobile applications.
  • Partner with engineering teams to remediate security issues and improve secure coding practices.
  • Build and evolve AI-powered security tooling and workflows.
  • Run and improve the vulnerability management program, including prioritizing findings and driving time-to-remediation.
  • Support product security incident response, including blast radius analysis, root cause analysis, variant hunting, and post-incident hardening.
  • Partner with compliance teams to gather evidence and support controls for audits.
  • Work closely with engineering, SRE, and platform teams to embed security throughout the SDLC from design through production.
  • Use automation and engineering partnership to improve security outcomes in a lean, high-ownership environment.

Requirements

  • 3 to 4 years of hands-on product or application security experience in production environments.
  • Experience securing cloud-native, microservices, and mobile applications.
  • Strong threat modeling skills using STRIDE, attack trees, or equivalent frameworks.
  • Ability to review architecture diagrams or PRDs for authentication, authorization, data exposure, insecure integrations, and systemic risks.
  • Experience performing secure code reviews and vulnerability analysis for OWASP Top 10, business logic flaws, authorization issues, and supply chain risks.
  • Proficiency in at least one of Python, TypeScript/Node.js, or Go.
  • Genuine fluency with modern AI tooling such as LLMs, coding agents, and MCP-based tooling.
  • Understanding of AI/ML security risks, including prompt injection, data exfiltration via agents, insecure tool use, and model supply chain risks.
  • Pragmatic, high-signal approach that prioritizes high-severity, high-impact findings.
  • Strong written communication skills for presenting risks, recommendations, and remediation paths clearly.
  • Collaborative mindset and comfort influencing engineers without gatekeeping.
  • Ability to work with ambiguity and broad ownership in a lean security team.

Benefits

  • Competitive compensation based on performance.
  • Career progression paths and opportunities to take on greater challenges.
  • Opportunity to be part of a team on a journey to global scale.
  • Candid, open, and collaborative culture where feedback is valued.
  • Inclusive and equal opportunity workplace committed to diversity.
  • AI-assisted recruitment process with human final hiring decisions and the option to request human review or challenge outcomes.


Similar Roles

Senior Secure Development (AppSec) Architect

Harford County Public Library 51-250 Diversified Consumer Services

Stone Tech, part of Stone Co., is hiring a Senior Application Security Architect to help secure the development and operation of payment and financial systems, including products that use LLMs and generative AI.

Agile AWS Azure CI/CD GCP Generative AI LLM
1 day, 8 hours ago

Manager, Product Security Foundations

Anduril Industries 1K-5K Aerospace & Defense

Anduril Industries is hiring a Manager of Product Security Foundations to lead a security engineering team delivering reusable foundational security components for its defense products.

C C++ Cybersecurity Embedded Systems Go IoT Linux Python Rust
2 days, 2 hours ago

Application Engineer

Parachute Health 51-250 Health Care Providers & Services

Parachute Health is hiring a software engineer for its IT & Security team to build internal platforms and AI-driven workflows that improve security, compliance, and operational efficiency across its healthcare technology environment.

AWS Datadog EC2 GCP GitHub GraphQL HIPAA JavaScript Node.js Penetration Testing Python React REST API Ruby on Rails SIEM Splunk SQL TDD TypeScript
2 days, 7 hours ago

Application Security Engineer

Swapcard 251-1K Professional Services

Swapcard is hiring an Application Security Engineer to strengthen the security of its AI-powered event platform by driving vulnerability remediation, security testing, and secure development practices across the product lifecycle.

Burp Suite CI/CD GitLab CI Helm Jenkins Penetration Testing SonarQube Terraform WAF
4 days, 2 hours ago
