Jobs · Information Technology · California

Product Security Engineer

Compa · Irvine, CA · 3 days ago
On-siteInformation Technology$185k–$220k/yrFull-time

Responsibilities

  • Set the Security Bar
  • Perform architecture reviews, threat modeling, and security design reviews across applications, APIs, cloud infrastructure, data pipelines, and AI-enabled systems.
  • Develop security standards, reference architectures, and secure design patterns that enable teams to build securely by default.
  • Define and continuously improve the Secure Software Development Lifecycle (SDLC), embedding security throughout engineering workflows and release processes.
  • Lead security assessments for new products, major features, third-party integrations, and emerging technologies.
  • Serve as a trusted technical advisor on security architecture, implementation decisions, and risk tradeoffs.
  • Communicate security concepts clearly across audiences — from engineering design reviews to product documentation, trust portal content, and customer diligence conversations.
  • Build Leverage Through Tooling and Enablement
  • Design and build reusable security patterns, libraries, and developer tooling that scale secure-by-default practices across engineering.
  • Implement security automation and guardrails that improve security posture while reducing developer friction.
  • Partner with Platform Engineering on cloud security posture, infrastructure hardening, secrets management, workload identity, and security observability.
  • Advance AI Security
  • Define and operationalize secure patterns for AI-enabled products, agents, MCP servers, tool integrations, and retrieval systems.
  • Evaluate emerging AI security risks and translate them into practical architectural guidance, engineering controls, and platform capabilities.
  • Partner with developers to improve the safe and scalable use of AI throughout the software development lifecycle, including AI-assisted tools and emerging workflows.
  • Build When It Matters
  • Prototype and deliver initial production-ready implementations for strategic initiatives, establishing patterns for broader adoption.
  • Contribute to security incident response, investigations, and remediation when needed.

Requirements

  • 5+ years of Software Engineering experience to include building and shipping production software.
  • Strong programming fundamentals in at least one modern language, with aptitude to quickly learn others.
  • Experience performing application security reviews, threat modeling, or security design reviews.
  • Experience designing, building, or securing cloud-native applications and distributed systems.
  • Strong understanding of cloud security, IAM, CI/CD, containers, infrastructure-as-code, and software supply chain security.
  • Experience influencing engineering organizations through technical leadership and architectural guidance.
  • Strong systems thinking, sound judgment, and the ability to reason about architecture, scale, operational risk, and engineering tradeoffs while operating effectively in ambiguous, fast-moving environments.
  • Ability to translate security risk into business and engineering terms, and to influence decisions at the leadership level without direct authority.

Qualifications

  • Experience securing cloud-native infrastructure in AWS environments.
  • Experience designing or implementing enterprise-facing capabilities such as SAML, SCIM, RBAC, audit logging, or customer-facing security controls.
  • Experience building security automation, developer tooling, or internal platforms that improved engineering velocity and security outcomes.
  • Experience building, operating, or securing AI-enabled products, agents, MCP servers, or retrieval systems.
  • Experience building or scaling a Product Security or Security Engineering function in a high-growth technology company.

Skills

  • Strong understanding of cloud security, IAM, CI/CD, containers, infrastructure-as-code, and software supply chain security.
  • Experience influencing engineering organizations through technical leadership and architectural guidance.
  • Strong systems thinking, sound judgment, and the ability to reason about architecture, scale, operational risk, and engineering tradeoffs while operating effectively in ambiguous, fast-moving environments.
  • Ability to translate security risk into business and engineering terms, and to influence decisions at the leadership level without direct authority.

Benefits

  • Compa offers a competitive compensation range of $185K - $220K.

Pay

  • $185K - $220K

Schedule

  • Full-time

Similar jobs

Product Security Engineer

Aras CorporationAndover, MA· 2 wk ago
Information Technology$100k–$125k/yrapply on aras.bamboohr.com

Product Security Engineer

ID.meSan Francisco Bay Area· 3 wk ago
Information Technology$168k–$200k/yrapply on job-boards.greenhouse.io