Toast

Toast is an all-in-one platform for restaurants, offering tableside ordering, online ordering, and labor management to empower businesses in the food service industry.

Hotels, Restaurants & Leisure
1K-5K
Founded 2012

Description

  • Select, implement, design, and build services and tools to manage and deliver security intelligence across Toast platforms.
  • Identify, triage, and provide remediation guidance for application vulnerabilities, with a focus on anti-abuse activities.
  • Improve developer tooling and adoption to strengthen the SSDLC and integrate security and anti-abuse features.
  • Help other Toast teams make security-conscious decisions when building public-facing software.
  • Assist incident response teams with application security expertise and tools, especially for abuse and fraud cases.
  • Build threat models for Toast applications and use cases.
  • Guide the design and maintenance of robust and resilient network and application architecture.
  • Collaborate to improve information gathering and sharing across Toast products.
  • Leverage AI tools to improve development workflow and contribute to faster, higher-quality delivery.

Requirements

  • 5+ years of experience in application security and security engineering.
  • Experience building and maintaining scaled Java web services in production.
  • Experience developing Python scripts or applications for scheduling and backend data handling.
  • Experience leveraging LLM AI features for software development and/or security operations.
  • Strong understanding of cloud application architecture.
  • History of serving as a subject matter expert to improve security outcomes, especially around abuse, fraud, and legal concerns.
  • Previous security experience working with fintech applications and associated requirements.
  • Strong understanding of privacy, security, and cryptography patterns for handling customer information, including PKIs, access management, data tokenization, and anonymization.
  • Offensive security training and certifications such as OSCP, OSWE, or OSEP are preferred.
  • Experience with edge security solutions such as WAF and API security is preferred.
  • Adversary emulation experience, including red or purple teaming, is preferred.
  • Experience with cloud and container security technologies is preferred.
  • Experience with SSDLC tooling such as SAST, DAST, and SCA is preferred.
  • Experience with scaled data handling in RDBMS, streaming, and columnar stores is preferred.
  • Experience with metrics and charting software is preferred.
  • Knowledge of mobile apps and threats on iOS and Android is preferred.
  • Knowledge of operating systems, networking, and protocols is preferred.
  • Experience securing financial technologies and their associated requirements is preferred.

Benefits

  • Base salary range of $146,000-$234,000 USD for Zone A, $127,000-$203,000 USD for Zone B, and $115,000-$184,000 USD for Zone C.
  • Total rewards include cash compensation such as overtime and eligible bonus/commissions, plus equity and benefits.
  • Competitive compensation and benefits programs designed to support a healthy lifestyle and changing employee needs.
  • Hybrid work model that supports in-person collaboration while valuing individual needs.
  • Reasonable accommodations available for candidates with disabilities during the hiring process.
  • Access to AI tools across the company to support faster, more independent, higher-quality work.
  • Commitment to an inclusive hiring process and accessible application/interview experience.

