Jobs · Information Technology

Staff Product Security Engineer

Ladders · United States · 4 days ago
RemoteRemoteInformation Technology$165k–$200k/yrFull-time

Responsibilities

  • Lead security architecture and threat modeling sessions with product teams using methodologies like STRIDE and PASTA
  • Translate threats into actionable engineering remediations prioritized by risk severity
  • Conduct penetration testing and produce actionable security assessments
  • Red-Team AI products and tools, testing for vulnerabilities like prompt injection
  • Manage PSIRT operations including vulnerability triaging and coordinated disclosures
  • Define enterprise policies for AI-assisted development environments
  • Advise design and engineering teams on security implications and mentor junior engineers

Qualifications

  • 10+ years of product security experience in application security, cloud security, and secure SDLC
  • Expert in Threat Modeling using STRIDE, PASTA or similar methodologies across various platforms
  • Hands-on penetration testing skills for applications, APIs, cloud infrastructure, and hardware
  • Experience running PSIRT operations, fluent in CVE and CVSS
  • Deep AI security expertise and understanding of OWASP Top 10 for various technologies
  • Strong programming ability with experience in various languages and frameworks
  • Ability to influence and mentor across technical and non-technical teams

Benefits

  • Medical, dental, vision, and HSA match
  • Paid life insurance, AD&D, and disability benefits
  • Unlimited PTO with additional paid holidays
  • Professional development stipends
  • Mental health resources and financial planner access
  • 100% paid parental leave and caregiving leave, with additional support during leave
  • Flexible work-from-home options with a fully stocked kitchen and catered lunches

Pay

$165,000 – $200,000 annually

Schedule

Remote - US based candidates only, no visa sponsorship available

Similar jobs