Staff Product Security Engineer
Ladders · United States · 4 days ago
RemoteRemoteInformation Technology$165k–$200k/yrFull-time
Responsibilities
- Lead security architecture and threat modeling sessions with product teams using methodologies like STRIDE and PASTA
- Translate threats into actionable engineering remediations prioritized by risk severity
- Conduct penetration testing and produce actionable security assessments
- Red-Team AI products and tools, testing for vulnerabilities like prompt injection
- Manage PSIRT operations including vulnerability triaging and coordinated disclosures
- Define enterprise policies for AI-assisted development environments
- Advise design and engineering teams on security implications and mentor junior engineers
Qualifications
- 10+ years of product security experience in application security, cloud security, and secure SDLC
- Expert in Threat Modeling using STRIDE, PASTA or similar methodologies across various platforms
- Hands-on penetration testing skills for applications, APIs, cloud infrastructure, and hardware
- Experience running PSIRT operations, fluent in CVE and CVSS
- Deep AI security expertise and understanding of OWASP Top 10 for various technologies
- Strong programming ability with experience in various languages and frameworks
- Ability to influence and mentor across technical and non-technical teams
Benefits
- Medical, dental, vision, and HSA match
- Paid life insurance, AD&D, and disability benefits
- Unlimited PTO with additional paid holidays
- Professional development stipends
- Mental health resources and financial planner access
- 100% paid parental leave and caregiving leave, with additional support during leave
- Flexible work-from-home options with a fully stocked kitchen and catered lunches
Pay
$165,000 – $200,000 annually
Schedule
Remote - US based candidates only, no visa sponsorship available