Product Security Engineer
3 weeks ago
===
Excerpt: Design and implement scalable security infrastructure and help build a culture of security for a rapidly growing team.
Status: Open
===
About the role
Don’t you wish the security practice at your company was more modern, effective and not chasing its tail? Are you excited by the idea of tackling novel security problems while empowering a delightful experience for end users? If that energy isn’t appreciated where you currently work, join us in developing a proactive, technology-forward product-security discipline, dedicated to eliminating vulnerabilities in application and infrastructure before they even occur. You’ll own the SSDLC and ensure effective security measures are embedded throughout. You’ll be building systems and occasionally building/buying tools that help all of Engineering truly shift left, so you can spend less time chasing vulnerabilities and more time on meaningful security engagement.
Additionally, this role includes practicing embedded security within Eng teams, teaching them to think through, prevent, and mitigate common security issues all on their own: everything from creating guardrails to implementing AuthN / AuthZ correctly to creating secure and resilient infrastructure as code. The security culture you help create permeates the entire company and has longevity, even when you’re not in the room, because you will help a top-tier Eng team level up. Your work will inform the company’s security roadmap, starting with delivering pieces of a high-speed, automated, and self-service security strategy.
So far the security projects we’ve worked on have been about:
- Hardening our Kubernetes deployments
- Running and evolving our Bug Bounty Program
- Streamlining our product authorization model
- Optimizing access control company-wide
- Automating vulnerability management
About you
Must have's:
- 5+ years of product-security experience: 4 years in appsec, 1 in cloudsec
- You write code and are fond of creating your own automation
- Deep understanding of software-security principles and a good understanding of cloud-infrastructure security principles
- Hands-on experience with many of the core infrastructure products that Hex is run on, including Kubernetes, AWS, and Terraform
- You perform code reviews regularly
- Proficient at threat modeling and keeping the models updated
- Able to break down a landscape of scattered security problems, whether complex, simple and/or varies, and group them into logical, achievable components to get the most bang for the buck during quarterly and annual planning
- Possess an instinct for strategic thinking and aligning with business and product goals, while keeping a healthy balance of velocity and security excellence.
- Excel at working with several different engineering teams and codebases, and at communicating with engineers and non-technical partners across many different backgrounds, demonstrating curiosity about how their work contributes to Hex’s success.
Nice to have's:
- Experience scaling and optimizing a bug-bounty program with a good signal:noise ratio
- Involvement with your Security Community
- Interest in the data space, and a love of shipping great products and building tools that empower engineers and users to do more.
- Curious and willing to dive into the bigger picture of building a company, including go-to-market, customer development, people, and marketing.
Our Engineering team
We’re a group of engineers who are forging new ground together and love partnering with Security on our journey to pull ahead of our competition. You can read about how we think through problems as well as how we learn from mistakes on our blog here:
- How we took down production…
- Beyond Linear Notebooks
- A pragmatic approach to live collaboration
Our Tech Stack
app.hex.tech runs on AWS:
- EKS
- RDS (Postgres)
- EC2
- S3
app.hex.tech uses:
- Node.js
- TypeORM
- Apollo GraphQL
- React
- Redux
- … and more
app.hex.tech is written in:
- TypeScript
- Python
- Node
- Terraform
-
Product Security Engineer
7 days ago
San Francisco, United States Opal Security Full timeOpal is building the next generation of access management. We've all felt the pain of not getting the access we need to do our job. At Opal, we’re building a central hub for authorization to make access management automated, intelligent, and easy to use. We are taking an age old problem in enterprise software and making it simple. Our product prioritizes...
-
Product Security Engineer
4 days ago
San Francisco, CA, United States Opal Security Full timeOpal is building the next generation of access management. We've all felt the pain of not getting the access we need to do our job. At Opal, we’re building a central hub for authorization to make access management automated, intelligent, and easy to use. We are taking an age old problem in enterprise software and making it simple. Our product prioritizes...
-
San Francisco, CA, United States Everything Full timeHome Jobs Lead Product Security Engineer Us Remote Jobs In California San Francisco Colombia Lead Product Security Engineer - US Remote Jobs in California, San Francisco, Colombia Home Jobs Lead Product Security Engineer Us Remote Jobs In California San Francisco Colombia Lead Product Security Engineer - US Remote Jobs in California, San Francisco,...
-
Lead Product Security Engineer
7 days ago
San Francisco, United States WeightsBiases Full timeAt Weights & Biases, our mission is to build the best developer tools for machine learning. Weights & Biases is a series C company with $250 million in funding and a rapidly growing user base. Our platform is an essential piece of the daily work for machine learning engineers, from academic research institutions like FAIR and UC Berkeley to massive...
-
Lead Product Security Engineer
6 days ago
San Francisco, United States WeightsBiases Full timeAt Weights & Biases, our mission is to build the best developer tools for machine learning. Weights & Biases is a series C company with $250 million in funding and a rapidly growing user base. Our platform is an essential piece of the daily work for machine learning engineers, from academic research institutions like FAIR and UC Berkeley to massive...
-
Security Product Engineer
4 days ago
San Francisco, CA, United States Astranis Full timeFull Time] Product Security Engineer at Astranis (United States) | BEAMSTART Jobs Product Security Engineer Full Time Remote Work Stock Options We are building the next generation of smaller, lower-cost spacecraft to bring the world online. We have a world-class team that is passionate about building amazing technology. Astranis is looking for...
-
Security Engineer, Product Security
4 days ago
San Francisco, CA, United States Chainlink Labs Full timeAbout Us Chainlink Labs is the primary contributing developer of Chainlink, the decentralized computing platform powering the verifiable web. Chainlink is the industry-standard platform for providing access to real-world data, offchain computation, and secure cross-chain interoperability across any blockchain. Chainlink Labs helps power verifiable...
-
Staff Product Security Engineer, Bitkey
1 week ago
San Francisco, California, United States Block Full timeCompany DescriptionBlock is one company built from many blocks, all united by the same purpose of economic empowerment. The blocks that form our foundational teams - People, Finance, Counsel, Hardware, Information Security, Platform Infrastructure Engineering, and more - provide support and guidance at the corporate level. They work across business groups...
-
San Francisco, United States OpenAI Full timeAbout the Team Security is at the foundation of OpenAI's mission to ensure that artificial general intelligence benefits all of humanity. The Security team protects OpenAI's technology, people, and products. We are technical in what we build but are operational in how we do our work, and are committed to supporting all products and research at OpenAI. Our...
-
Lead Product Security Engineer
4 days ago
San Francisco, CA, United States WeightsBiases Full timeAt Weights & Biases, our mission is to build the best developer tools for machine learning. Weights & Biases is a series C company with $250 million in funding and a rapidly growing user base. Our platform is an essential piece of the daily work for machine learning engineers, from academic research institutions like FAIR and UC Berkeley to massive...
-
Staff Product Security Engineer
3 days ago
San Francisco, United States Discord Full timeDiscord empowers people to create spaces where they can find a sense of belonging in their lives. Millions of people trust Discord to keep their communications secure, private, and out of the hands of evildoers, so security and privacy are necessary to Discord's success. We are looking for a Security Engineer reporting to the Product Security Engineering...
-
Security Product Engineer
4 days ago
San Francisco, CA, United States Adobe Full timeChanging the world through digital experiences is what Adobe’s all about. We give everyone—from emerging artists to global brands—everything they need to design and deliver exceptional digital experiences! We’re passionate about empowering people to create beautiful and powerful images, videos, and apps, and transform how companies interact with...
-
Staff Product Security Engineer
4 days ago
San Francisco, CA, United States Discord Full timeDiscord empowers people to create spaces where they can find a sense of belonging in their lives. Millions of people trust Discord to keep their communications secure, private, and out of the hands of evildoers, so security and privacy are necessary to Discord's success. We are looking for a Security Engineer reporting to the Product Security Engineering...
-
Principal Engineer, Product Security
3 weeks ago
San Francisco, United States Cisco Full timeAt Cisco Meraki, we know that technology can connect, empower, and drive us. Our mission is to simplify technology so our customers can focus on what's most meaningful to them: their students, patients, customers, and businesses. We’re making networking easier, faster, and smarter with technology that simply works. The modern world runs on the internet,...
-
Principal Engineer, Product Security
4 weeks ago
San Francisco, United States Cisco Full timeAt Cisco Meraki, we know that technology can connect, empower, and drive us. Our mission is to simplify technology so our customers can focus on what's most meaningful to them: their students, patients, customers, and businesses. We’re making networking easier, faster, and smarter with technology that simply works. The modern world runs on the internet,...
-
Product Security Engineer
7 days ago
San Jose, United States PER International Full timeAutomotive Product Security Engineer (San Jose and San Diego CA/ Seattle, WA) The Company: Our Client is one of the world’s largest global Top-tier Semiconductor Companies. Their chips are used by some of the biggest names in the tech industry, and they are helping to shape the future of technology - thus, making them a major force in the semiconductor...
-
Product Security Engineer
4 days ago
San Jose, United States PER International Full timeAutomotive Product Security Engineer (San Jose and San Diego CA/ Seattle, WA) The Company: Our Client is one of the worlds largest global Top-tier Semiconductor Companies. Their chips are used by some of the biggest names in the tech industry, and they are helping to shape the future of technology - thus, making them a major force in the semiconductor...
-
Principal Engineer, Product Security
2 weeks ago
San Francisco, United States Cisco Full timeAt Cisco Meraki, we know that technology can connect, empower, and drive us. Our mission is to simplify technology so our customers can focus on what's most meaningful to them: their students, patients, customers, and businesses. Were making networking easier, faster, and smarter with technology that simply works. The modern world runs on the internet, and...
-
Principal Engineer, Product Security
10 hours ago
San Francisco, United States Cisco Full timeAt Cisco Meraki, we know that technology can connect, empower, and drive us. Our mission is to simplify technology so our customers can focus on what's most meaningful to them: their students, patients, customers, and businesses. Were making networking easier, faster, and smarter with technology that simply works. The modern world runs on the internet, and...
-
Staff Product Security Engineer
4 days ago
San Francisco, CA, United States Discord Full timeDiscord empowers people to create spaces where they can find a sense of belonging in their lives. Millions of people trust Discord to keep their communications secure, private, and out of the hands of evildoers, so security and privacy are necessary to Discord's success. We are looking for a Security Engineer reporting to the Product Security...