Product Security Designer

Join Affirm as a Senior Product Security Engineer, where you will play a vital role in safeguarding our products and services against security threats. In this position, you will work closely with cross-functional teams to identify vulnerabilities, design secure systems, and implement robust security measures.Your expertise will help us not only to protect our assets but also to foster trust with our customers. If you're passionate about security and eager to make an impact in a dynamic environment, we want to hear from you!

Join Movable Ink as a Product Security Engineer and play a pivotal role in safeguarding our codebases, CI/CD pipelines, and overall development practices. In this hands-on position, you'll adopt a security-first mindset while collaborating with engineering teams to streamline software delivery while minimizing risk. Your expertise will be crucial in enhancing automation processes that protect our code and infrastructure, especially in the face of rising threats from AI coding tools and supply chain attacks. This role is vital for proactively identifying and mitigating vulnerabilities before they are deployed to production.

About FaireFaire is a dynamic online wholesale marketplace driven by the belief that the future lies in local commerce. Independent retailers worldwide are achieving greater revenue than giants like Walmart and Amazon combined, yet remain relatively small in stature. At Faire, we harness the power of technology, data, and machine learning to connect this vibrant community of entrepreneurs around the globe. Imagine your favorite local boutique—we empower them to discover the finest products globally to stock their shelves. With the right tools and insights, we aim to level the playing field, enabling small businesses everywhere to compete against large box stores and e-commerce behemoths.By championing the growth of independent enterprises, Faire fosters positive economic impacts within local communities on a global scale. We are on the lookout for intelligent, resourceful, and passionate individuals to join us as we drive the shop-local movement. If you believe in the power of community, we invite you to be a part of ours.Role Description:Our Engineering organization is the backbone of our marketplace, responsible for the software that enables it to function seamlessly. The Product Security team empowers product engineering teams to create and deploy secure software solutions. We prioritize best engineering practices, striving to deliver software that is secure, thoroughly tested, easy to maintain, and capable of scaling to millions of users. We develop scalable, reusable frameworks, consult with product teams, leverage data-driven insights, and continually iterate on our practices.As a Senior Staff Software Engineer in Product Security, you will take on the role of technical lead for the Product Security domain. You will establish the long-term technical vision for integrating security within Faire’s application framework. Collaborating closely with Platform and Product Engineering teams, you will identify and mitigate security vulnerabilities, spearhead significant security initiatives, and mentor engineers across the organization to enhance secure engineering practices.Additionally, you will lead cross-functional programs to embed security deeply within our architecture, pipelines, and developer experience, effectively minimizing risk while maintaining development velocity.In this role, you will:Define the long-term technical strategy for application security at Faire, establishing scalable and developer-friendly frameworks and principles that facilitate secure development across all product areas.

The Security Product Management team plays a crucial role in maintaining customer trust by ensuring that data security becomes a key market differentiator. This enables MongoDB to thrive in enterprise and regulated sectors. Our team's responsibilities are extensive, encompassing various features such as Networking, Identity and Access Management (IAM), Data Governance, Encryption, Compliance, and Auditing.This position can be performed from our Toronto office or remotely within Canada.

Join Lattice as a Product Security Engineer and be at the forefront of safeguarding our products and services. In this pivotal role, you will collaborate with cross-functional teams to identify, assess, and mitigate security vulnerabilities throughout the product lifecycle.Your expertise in security best practices will contribute to designing secure systems, conducting threat modeling, and performing security reviews. You will play a crucial role in ensuring our products meet the highest standards of security, protecting both our users and our organization.

At Confluent, we are not just enhancing technology; we are transforming the way data is utilized. Our innovative platform enables real-time data streaming, allowing businesses to adapt swiftly, create intelligently, and offer experiences that resonate with the ever-changing world.We believe in the power of teamwork and collaboration. Our ideal candidates are those who ask challenging questions, provide constructive feedback, and support one another—no egos, no lone wolves. Just smart, inquisitive individuals working together toward a greater goal.About the Role:As a vital member of our Product Security team, you will play a crucial role in developing impactful security features for Confluent Cloud and enhancing our security platform. Your responsibilities will include designing and implementing identity and access management functionalities, along with scalable authentication and authorization methods such as OAuth, mTLS, RBAC, and ABAC. You will collaborate closely with product, engineering, and InfoSec teams to create seamless yet secure solutions, directly contributing to the enhancement of Confluent Cloud's security framework and ensuring an effortless experience for our users.What You Will Do:Lead the execution of projects independently and deploy them to production with a strong emphasis on quality and customer impact.Work collaboratively with a high-performing team and cross-functional partners to make decisions that benefit both the team and the organization.Diagnose issues, conduct root cause analysis, and enhance operations for complex problems that span multiple cloud environments.Develop clean, well-documented, and maintainable code that complies with established team standards and security best practices.Create value for customers by addressing their most challenging issues.What You Will Bring:2-5 years of relevant experience in software, product, and/or security engineering.Strong fundamentals in the design and development of distributed systems.Experience in building and managing large-scale systems in the cloud.Solid understanding of fundamental systems operations including disk, network, and operating systems.Proficiency in programming languages such as Java, Scala, C/C++, Go, or other statically typed languages.

Protecting Every Identity, from AI to HumanAt Okta, we believe that identity is the cornerstone for harnessing the potential of AI technology. We are dedicated to securing AI by creating a reliable, neutral infrastructure that empowers organizations to confidently navigate this exciting new landscape. This mission demands a relentless commitment to tackling intricate challenges with significant real-world implications. We are searching for innovators and leaders who thrive in a fast-paced environment and deliver results with precision.As a Senior Security Infrastructure Engineer on our Red Team, you will play a pivotal role within the Product Security team, providing critical security assurance for Okta's products, services, and infrastructure. You will be the first dedicated infrastructure and tooling engineer for a small team of operators, working collaboratively alongside them as a peer in a distinct discipline.In this role, you will take ownership of the engineering backbone that supports our operations, focusing on infrastructure, tooling, and automation within the Red Team. Your responsibilities will include designing, building, maintaining, and continuously enhancing the platforms and tools that our operators rely on for executing their engagements.Your contributions will directly enable the team to operate at a higher maturity level, characterized by rapid infrastructure deployment, resilient OPSEC-aware architectures, automated workflows, and dependable custom tools, allowing operators to concentrate on their core mission. Furthermore, you will foster collaboration with stakeholders and elevate the company's security posture through strategic initiatives and proactive measures. As the team grows, this role has the potential to evolve into platform leadership or a hybrid operator/engineer pathway.

About RootlyAt Rootly, we are dedicated to transforming how organizations respond to incidents, striving to enhance reliability across all sectors. Our cutting-edge incident management platform empowers companies globally to address incidents swiftly and effectively. We're not just redefining an industry; we're pioneering a new multi-billion dollar segment and require exceptional talent to help us realize this ambitious vision.Our clients include some of the fastest-growing names in the world, such as NVIDIA, Figma, Canva, Tripadvisor, and Squarespace, who trust Rootly to streamline their critical incident management processes. They appreciate our robust, enterprise-ready platform and collaborative partnership model, consistently rating us 5 stars on G2.Our investors share our enthusiasm. Backed by prominent funds including Y Combinator, along with industry leaders from Dropbox and GitHub, we prioritize transparency in our culture. Monthly financial reviews keep our team informed about the business's health, and our weekly changelog keeps everyone updated on our developments.About the RoleAs a Senior Security Engineer, you will be instrumental in advancing our security initiatives, working closely with diverse teams to ensure the reliability and scalability of our products. You will design systems, tools, and solutions that secure our mission-critical applications while contributing to organization-wide efforts to automate, optimize, and enhance our security protocols.Develop security solutions that not only meet rigorous standards but also exceed the expectations of our developers and customers.Play a key role in vital security initiatives, including identity and access management, vulnerability management, incident response, security control implementation, and infrastructure security.Collaborate closely with engineering teams to deliver secure, reliable, and scalable solutions for our valued customers.With our expanding customer base, tackle intriguing technical challenges to scale our product effectively.Participate in the on-call rotation, swiftly addressing and resolving security incidents as they occur.

As a Staff Product Security Engineer at Affirm, you will play a critical role in safeguarding our products and systems by identifying vulnerabilities and implementing effective security measures. Your expertise will help shape our security strategies, ensuring that we maintain the highest standards of security throughout the product lifecycle.You will collaborate closely with cross-functional teams, providing guidance on security best practices and conducting threat assessments. Your work will directly impact the security posture of our products and the trust of our customers.

Why join usAt Brex, we are revolutionizing the way businesses manage their finances with our AI-powered spending platform. Our integrated corporate cards, banking services, and global payment solutions empower companies to spend confidently. From startups to multinational enterprises, including well-known names like DoorDash, Flexport, and Compass, our platform enables proactive spend management, cost reduction, and enhanced efficiency worldwide.Joining Brex means embracing challenges and pushing boundaries while collaborating with some of the most talented professionals in the field. We are dedicated to fostering a diverse and inclusive workplace, believing that your potential is limited only by your imagination. We provide the tools, resources, and support necessary for you to advance your career.Engineering at BrexEngineering at Brex focuses on scalability, speed, and purposeful development. Our teams, encompassing Software, Data, Security, and IT, operate with high levels of autonomy and collaboration. We tackle complex technical challenges, take ownership of our results, and strive for excellence at every stage—from architecture to deployment. This is where engineering is an art, and builders emerge as leaders.What you’ll doAs a Senior Application Security Engineer, your primary objective will be to identify and address security vulnerabilities across the Brex platform. You will conduct code reviews, design evaluations, penetration testing, and manage vulnerabilities. Additionally, you will create and enhance tools for both static and dynamic testing of the platform and support secure development workflows. Being part of the broader Financial Scale organization, you will collaborate closely with teams in Security Operations, GRC, Product Security, Front End Platform, and IT Infrastructure.We seek individuals with a robust background and passion for penetration testing. You should have a proven track record of discovering vulnerabilities in intricate systems and developing exploits to illustrate their potential impact on the business. This role is highly collaborative and cross-functional, offering opportunities to work with various engineering teams across Brex. You should be excited about engaging with diverse backgrounds and roles. Ensuring world-class security is imperative for delivering world-class financial services.Brex is at the forefront of integrating AI into financial services, catering to dynamic and high-impact organizations like Coinbase, Robinhood, and Anthropic. This role presents a unique opportunity to influence the future of our AI-driven product suite.

Why Choose Brex?At Brex, we are revolutionizing spending through our AI-driven platform. Our integrated solutions for corporate cards, banking, and payments empower businesses to manage their expenses confidently. Trusted by thousands of companies, from innovative startups to established enterprises like DoorDash and Flexport, we enable our clients to optimize spending, cut costs, and enhance efficiency on a global scale.Joining Brex means pushing boundaries, challenging norms, and collaborating with some of the brightest minds in the industry. We are dedicated to fostering a diverse team and an inclusive culture, believing that your potential is only limited by your aspirations. We provide the tools, resources, and support necessary for you to thrive in your career.Engineering at BrexOur engineering team is focused on creating scalable systems with speed and purpose. We operate across Software, Data, Security, and IT, promoting high autonomy and deep collaboration. We tackle complex technical challenges, take ownership of our results, and strive for excellence in all aspects from architecture to deployment. Here, engineering is a craft, and builders evolve into leaders.Your RoleAs a Senior Security Operations Engineer at Brex, your primary responsibility will involve preventing, detecting, and responding to security threats within our corporate and cloud environments. You will leverage existing systems and develop innovative tools to enhance our security posture. Your role encompasses various functions across corporate security, detection and response, and infrastructure security, and you will engage in systems engineering and automation to support these endeavors.Your contributions will extend to our broader Trust & IT organization, collaborating closely with teams in Application Security, Corporate Engineering, GRC, and IT to enhance security configurations, promote positive employee behaviors, and proactively prevent incidents. Additionally, you will help maintain and contribute to our open-source project Substation and have the chance to engage with the Brex Tech Blog. You will be part of a team that actively contributes to the security community and is committed to mentorship and engineering excellence.

Team: Information Security Position Overview: Squarepoint Capital is looking for a highly skilled Senior Information Security Engineer to join our esteemed Information Security team. In this critical role, you will contribute significantly to enhancing our security framework by offering expert insights and spearheading improvements in vital domains such as network, cloud, data, and system security. As a key escalation contact for Security Operations, you will ensure that complex security issues are thoroughly analyzed and resolved efficiently. Your responsibilities will include supervising security measures in essential IT projects, leading threat modeling efforts for intricate systems, conducting audits to identify security vulnerabilities, and developing automated processes to continuously assess the effectiveness of security controls and system resilience. This position presents an exciting opportunity to lead security initiatives and influence the overall security strategy of the organization. Proactivity and self-motivation are essential for success in this role. Enhance security across key areas, including network security, email security, cloud security, and data protection. Act as a security consultant for IT projects, ensuring compliance with security requirements and risk mitigation strategies. Manage and optimize security tools, ensuring their effective deployment and maintenance. Lead the design and development of robust security solutions and architectures to safeguard critical assets. Provide second-line support to Security Operations. Conduct threat modeling and risk assessments to uncover vulnerabilities and implement proactive mitigation strategies. Oversee relationships with the Managed Detection and Response (MDR) provider to ensure service efficacy and continuous improvement. Implement initiatives outlined in the security roadmap, aligning with business objectives and emerging threats. Collaborate with cross-functional teams to boost security awareness and integrate security into business processes.

Job SummaryAs the Senior Application & Cloud Security Engineer, you will be a pivotal member of the Technology team at Create Music Group, directly reporting to the VP of Data Engineering. This position is instrumental in safeguarding our application portfolio and multi-cloud infrastructure (AWS & GCP). You will work hands-on to enhance the security of Label Engine (PHP/Laravel on AWS, processing over $1B in royalties), fortify the expanding GCP-based CreateOS data and AI platform, and implement the company's extensive security roadmap, which encompasses identity management, endpoint protection, vulnerability management, incident response, and compliance.

Docker supports over 20 million developers each month with tools like Docker Desktop, Docker Hub, and Docker Scout. The company’s fully remote team builds secure, reliable solutions for containerized applications, emphasizing security as a core value, especially as autonomous and AI-driven workflows become more common. Role overview The Senior Security Engineer will join the Docker Desktop team to shape security architecture for a complex, cross-platform application. This product integrates identity management, OCI runtimes, and Linux kernel elements. The role leads security reviews, coordinates closely with Docker’s central security group, and acts as the main contact for vulnerability reports. What you will do Design and maintain security architecture for Docker Desktop Review features and code for security issues before deployment Work closely with product engineers and the central security team Respond to vulnerability disclosures and coordinate mitigation efforts Emphasize threat modeling and clear communication across teams Requirements Direct engineering experience in security Strong background in threat modeling Ability to communicate effectively with both engineers and security professionals Comfort working on cross-platform products involving identity, OCI runtimes, and Linux kernel internals Location This is a remote position open to candidates based in Canada.

We are seeking a Senior Security Engineer to join our team at OpenTable. This role will initially be remote, with plans to transition to a hybrid model, requiring in-office attendance twice a week in downtown Toronto.As a leader in the restaurant technology industry, OpenTable, a part of Booking Holdings, Inc. (NASDAQ: BKNG), connects millions of diners with over 60,000 restaurant partners. With more than 25 years of experience, our technology enables restaurants to thrive by focusing on their team, guests, and profitability while providing diners with a seamless booking experience.At OpenTable, every team member significantly influences our operations and culture. Join us and be part of a global team dedicated to excellence in hospitality and technology.

Menlo Security is dedicated to empowering individuals and organizations to connect, communicate, and collaborate securely without compromise. The urgency of this mission has only intensified in the wake of COVID-19. We proudly serve a diverse clientele that includes Fortune 500 companies, 9 out of 10 of the largest global banks, and the Department of Defense.Our work environment has evolved significantly, and we are poised to expand from 400 employees to the next chapter in our journey. We are in search of passionate individuals who embody empathy and agility. The ideal candidate is ethical, exceptionally organized, dedicated to seeing tasks through to completion, service-oriented, and open to feedback while also confident in providing guidance to others.Menlo Security is backed by leading investors, including Vista Equity Partners, General Catalyst, JPMC, American Express, HSBC, and Ericsson Ventures, which positions us well for growth.Role OverviewWe are looking for a proactive Senior Security Engineer to join our team, with a focus on both offensive and defensive security measures, conducting penetration tests on product features, and managing the cloud architecture that supports our offerings. This role will require you to navigate a complex multi-cloud environment (AWS & GCP) that encompasses both traditional virtual machines and modern container-based architectures.In this specialized role, you will collaborate with fellow security engineers (including Penetration Testers and Cloud Security experts) to carry out targeted assessments during specific product testing phases just prior to release. Your success will depend on your ability to stay aligned with the product roadmap and gain in-depth technical knowledge of new features, allowing you to independently set up environments and conduct thorough tests within stringent timelines.Your responsibilities will extend beyond application security to include comprehensive infrastructure reviews, ensuring that cloud configurations, IAM policies, and orchestration layers adhere to our security standards. Speed is crucial: you must quickly identify, validate, and report vulnerabilities to uphold our release cadence. Moreover, you will act as the first line of defense against external threats, monitoring bug bounty submissions and external reports to effectively triage and address findings with utmost professionalism.

Role Overview Wabtec Corporation is seeking a Product Security Designer in Québec. This role focuses on shaping and applying security frameworks to protect the integrity and safety of our products. What You Will Do Design security frameworks for new and existing products Implement measures that safeguard product integrity Work with teams to ensure security standards are met throughout development

Later is the leading influencer marketing platform designed to empower brands in crafting unforgettable campaigns. By leveraging authentic creator relationships, reliable intelligence, and expert insights, Later eliminates uncertainty from one of marketing's most critical investments.Fueled by a robust AI-driven platform and over a decade of proprietary data—including billions of social interactions, impressions, and more than $2.4 billion in verified influencer-driven purchases—Later equips teams with the insights needed for successful launches.Combining trusted analytics with expert guidance, Later enables brands to select the ideal creators, execute comprehensive campaigns, and achieve significant growth in awareness, engagement, and revenue. Trusted by industry giants such as Nike, Wayfair, Unilever, and Southwest Airlines, Later merges creativity with performance to ensure campaigns not only look great but also produce impactful results. Discover more at later.com.About this position:As a Senior Security Engineer at Later, you will be instrumental in fortifying and expanding the security frameworks that support our platform. This position integrates profound security knowledge with practical engineering skills, concentrating on identity and access management, authentication systems, and secure development methodologies.You will collaborate closely with Engineering, Infrastructure, and Product teams to integrate security into our CI/CD pipelines, internal platforms, and customer-facing systems, allowing teams to operate swiftly while safeguarding our systems, data, and users. This role is a high-impact position for an individual who thinks like a defender, builds like a software engineer, and leads through influence.

About RootlyAt Rootly, we strive to be the definitive solution for organizations when crises arise, enhancing reliability across the board. Our cutting-edge incident management platform empowers businesses globally to swiftly and effectively tackle incidents. We are not just redefining an industry; we are pioneering a multi-billion dollar market niche and seeking exceptional talent to help us accomplish this ambitious vision.Our clients adore Rootly. Leading companies such as NVIDIA, Figma, Canva, Tripadvisor, and Squarespace trust Rootly to streamline their critical incident management processes. They rave about our user-friendly, enterprise-grade platform and our distinctive partnership approach. Discover why we have received 5-star reviews on G2.Our investors appreciate Rootly. We are supported by some of the most esteemed venture funds, including Y Combinator, and industry leaders like the CTO of Dropbox and GitHub. We are eager to share our complete funding and profitability details during the interview, as transparency is a core value for us. Our team conducts monthly financial reviews, ensuring everyone is informed about the company's health, and we regularly update our weekly changelog to showcase our developments.About the RoleThis is a unique chance to join Rootly as a pioneering engineer, influencing our direction significantly. You will encounter a dynamic environment where the product evolves rapidly, and adaptability is key. We seek engineers who not only execute but also inspire, challenge, and enhance their surroundings.We are assembling a team that operates with agility, sophistication, and impact. Every engineer at Rootly is expected to contribute creatively—whether it’s implementing a quick fix, launching a feature that delights users, or persistently refining our product experience. We are looking for individuals who are passionate about engineering excellence, think systemically, and elevate the performance of those around them. If you thrive in an environment that rewards ownership, where mediocrity is not an option, and speed is an advantage, this is the ideal place for you.Your ResponsibilitiesLead the entire feature development process, from conception to deployment, ensuring high quality, performance, and an exceptional user experience.Infuse an obsessive attention to detail into the product, ensuring a polished and intuitive experience. You don’t just create software; you craft exceptional solutions.