Senior Product Security Engineer
7AI · Boston, MA · 1 mo ago
HybridInformation TechnologyFull-time
Responsibilities
- Define and evolve secure architecture patterns for products, services, internal tools, and platform capabilities across 7AI.
- Partner directly with engineering teams throughout the software development lifecycle, helping design, implement, and ship secure systems.
- Build or help build security guardrails, automation, and platform capabilities that enable developers to move quickly while operating within secure boundaries.
- Operate and continuously improve our SAST, SCA, CSPM and other Prodsec tooling.
- Design and implement approaches for safely leveraging AI-generated code, agentic workflows, and AI-powered developer tooling.
- Collaborate with Platform and DevOps engineers to integrate security controls directly into developer workflows, CI/CD pipelines, infrastructure, and deployment systems.
- Identify security risks through architecture reviews, threat modeling, code review, and hands-on investigation, then work alongside engineers to remediate them.
- Contribute code, prototypes, tooling, and platform services that improve security across the engineering organization.
- Help define security standards, engineering practices, and development workflows that can scale with the company as we grow.
- Serve as a trusted technical partner to engineering teams, helping balance security, usability, and delivery velocity.
- Participate in customer and partner security discussions when deep technical expertise is needed.
Requirements
- 6+ years of software engineering, security engineering, or product security experience in modern cloud-native environments.
- Strong understanding of secure application and system design, including authentication, authorization, secrets management, software supply chain security, and common application vulnerabilities.
- Comfortable reading, reviewing, and contributing production code in at least two of Python, TypeScript, or Rust.
- Experience implementing and tuning SAST, SCA, dependency management, CSPM, and other security tooling.
- Experience designing security controls and secure development workflows that integrate directly into engineering processes.
- Hands-on experience building developer tooling, platform services, automation, or infrastructure that improves security outcomes.
- Strong threat modeling and architectural reasoning skills, with the ability to translate security concerns into practical engineering solutions.
- Able to work collaboratively with product, platform, and engineering teams and influence decisions through technical credibility.
- Excellent written and verbal communication skills.
- Able to balance security rigor with engineering velocity in a fast-moving product environment.
Nice to Have
- Experience securing AI platforms, LLM-powered applications, agentic systems, or AI-assisted software development workflows.
- Experience building internal developer platforms, engineering enablement systems, or platform engineering capabilities.
- Familiarity with AWS, GCP, or Azure cloud environments.
- Experience contributing to security tooling, open-source projects, developer infrastructure, or platform services.
- Experience in high-growth startups where pragmatism, ownership, and execution matter more than organizational boundaries.