RemoteLeaf Logo
Log in Sign up

Senior Product Security Engineer

2 hours, 20 minutes ago
United States
Full-time
Senior
Application Security Engineer
Cybersecurity
AWS CI/CD DevSecOps Docker Kubernetes Ruby Rust TypeScript
Apply Now
Tines

Tines

Tines is a smart, secure workflow builder that empowers technical teams to automate processes without code, making security teams more effective and efficient.

Construction & Engineering
51-250
Founded 2018
$96M raised
View All Jobs 14

Description

  • Partner with product and engineering teams to integrate security throughout the development lifecycle.
  • Lead product security initiatives across the engineering stack.
  • Use AI and automation to scale security coverage and keep pace with AI-assisted development.
  • Design and implement security controls and architecture that scale with the growing product portfolio.
  • Conduct threat modeling and security reviews to identify and mitigate vulnerabilities, including AI-related risks.
  • Contribute to vulnerability management by triaging bug bounty and vulnerability disclosure reports and driving remediation.
  • Develop automated security testing, monitoring, and response capabilities to reduce manual toil.
  • Serve as an incident responder during security events and lead post-incident reviews.
  • Provide security education and technical guidance to engineering teams on secure development practices.

Requirements

  • 8+ years of experience in application or product security roles.
  • Experience securing cloud-native applications.
  • Strong understanding of modern application security principles, OWASP Top 10, and secure SDLC practices.
  • Experience using AI and automation to scale security programs, such as LLM-assisted code review or automated triage.
  • Experience with cloud security, with AWS preferred.
  • Experience securing containerized environments such as Docker and Kubernetes.
  • Proficiency in modern programming languages; experience with Ruby, TypeScript, and/or Rust is highly desirable.
  • Knowledge of security testing methodologies and tools, including SAST, DAST, and SCA.
  • Experience with CI/CD security integration and DevSecOps practices.
  • Strong incident response skills and experience participating in on-call rotations.
  • Excellent communication skills and strong analytical thinking and problem-solving abilities.
  • Must be authorized to work for any employer in the U.S.; visa sponsorship is not available.
  • Preferred experience securing AI/ML systems and LLM-powered features.
  • Preferred familiarity with LLM red-teaming, AI threat modeling frameworks such as MITRE ATLAS or OWASP LLM Top 10, and emerging AI security standards.
  • Preferred hands-on experience building agentic or automated security workflows using Tines or similar platforms.
  • Preferred contributions to open-source security tooling or participation in the security research community.
  • Preferred experience designing secure-by-default developer platforms, paved roads, or golden paths.
  • Preferred background in bug bounty triage at scale or running a public VDP/bug bounty program.
  • Preferred familiarity with multi-tenant SaaS security challenges.
  • Preferred experience supporting FedRAMP Moderate/High and/or DoD Impact Level 4/5/6 environments.
  • Preferred prior experience at a high-growth startup launching new products or expanding product lines.

Benefits

  • Target annual compensation of $218-$235k plus equity.
  • Remote work based in the United States.
  • Opportunity to work in an AI-forward engineering environment on a growing product security program.
  • Equal employment opportunity for all employees and applicants.
  • A culture that emphasizes learning, growth, curiosity, integrity, simplicity, speed, and soundness.

Interested in this position?

Apply directly on the company website

Apply Now

Similar Roles

Rubrik

Application Security Intern

Rubrik 1K-5K IT Services

Rubrik is hiring an Application Security Engineering intern to help strengthen its secure software development life cycle and support security work across products and applications.

India Internship Entry Level Application Security Engineer Software Engineer
Cybersecurity Docker Go JavaScript Kubernetes Microservices Python Scala TypeScript
1 hour, 35 minutes ago
GuidePoint Security

Senior Application Security Engineer - Mid-Atlantic region (Remote in VA, MD, PA, NC, DE, NJ, or DC)

GuidePoint Security 251-1K Internet Software & Services

GuidePoint Security is hiring a Security Engineering professional to implement and operationalize application security tooling and practices across software development and CI/CD environments for a broad range of customer-facing security engagements.

United States Full-time Senior Application Security Engineer
Azure Burp Suite CI/CD CircleCI GitHub Actions Jenkins
6 hours, 5 minutes ago
GuidePoint Security

Application Security Engineer (Remote in the U.S.)

GuidePoint Security 251-1K Internet Software & Services

GuidePoint Security is hiring an Application Security professional to run and operationalize security testing tools across client development environments and help teams identify and remediate web application risks.

United States Full-time Mid Level Application Security Engineer
Azure Bamboo C# C++ CI/CD GitHub Java JavaScript Jenkins PHP Python
13 hours, 11 minutes ago
ShopBack

Product Security Engineer

ShopBack 1K-5K IT Services

ShopBack is hiring a Product Security Engineer to help secure its cloud-native, microservices, web, and mobile products across the software development lifecycle as the company scales its shopping, rewards, and payments platform.

India Full-time Mid Level Application Security Engineer
Go LLM Microservices Node.js Python TypeScript
1 day, 5 hours ago

You're on a roll! Sign up now to keep applying.

Sign Up

Already have an account? Log in

Used by 14,729+ remote workers