Product Security Engineer

Join Movable Ink as a Product Security Engineer and play a pivotal role in safeguarding our codebases, CI/CD pipelines, and overall development practices. In this hands-on position, you'll adopt a security-first mindset while collaborating with engineering teams to streamline software delivery while minimizing risk. Your expertise will be crucial in enhancin…

Join Affirm as a Senior Product Security Engineer, where you will play a vital role in safeguarding our products and services against security threats. In this position, you will work closely with cross-functional teams to identify vulnerabilities, design secure systems, and implement robust security measures.Your expertise will help us not only to protect our assets but also to foster trust with our customers. If you're passionate about security and eager to make an impact in a dynamic environment, we want to hear from you!

As a Staff Product Security Engineer at Affirm, you will play a critical role in safeguarding our products and systems by identifying vulnerabilities and implementing effective security measures. Your expertise will help shape our security strategies, ensuring that we maintain the highest standards of security throughout the product lifecycle.You will collaborate closely with cross-functional teams, providing guidance on security best practices and conducting threat assessments. Your work will directly impact the security posture of our products and the trust of our customers.

Role Overview Wabtec Corporation is seeking a Product Security Designer in Québec. This role focuses on shaping and applying security frameworks to protect the integrity and safety of our products. What You Will Do Design security frameworks for new and existing products Implement measures that safeguard product integrity Work with teams to ensure security standards are met throughout development

The Security Product Management team plays a pivotal role in protecting customer trust and transforming data security into a competitive advantage for MongoDB in enterprise and regulated markets. Our team's responsibilities encompass a wide array of essential features, including Networking, Identity and Access Management (IAM), Data Governance, Encryption, Compliance, and Auditing. This position offers the flexibility to work from our Toronto office or remotely within North America. Key Responsibilities Act as a crucial member of the security product management team, focusing on data security as a key differentiator for MongoDB's success in enterprise and regulated sectors. Develop a forward-thinking vision for top-tier data security features, including Resource Policies and Secure by Default initiatives, aimed at reducing vulnerabilities to unauthorized access and data loss risks. Collaborate with engineering to create a prioritized product roadmap and backlog to realize this vision. Gain a comprehensive understanding of all business facets to ensure alignment with our overarching product, customer, and company objectives. Enhance our knowledge of emerging threats and relevant technologies in data security, utilizing customer feedback to propose innovative solutions and best practices from the industry. Work alongside engineering, legal, research, product marketing, support, sales, and security teams to foster customer trust in using MongoDB for their most sensitive data workloads. Establish and monitor key performance indicators (KPIs) and success metrics for security initiatives, ensuring they align with both business objectives and product goals. Qualifications Minimum of 5 years of product management experience or equivalent in enterprise security or platform environments. Proven experience collaborating with security-focused engineering teams within diverse group settings. Strong domain expertise in data security principles. Track record of achieving business results through influential leadership across various partner teams, including engineering, sales, marketing, solution architects, and customer success. Exceptional written and verbal communication skills, with experience in presenting to executive leadership. Demonstrated ability to define and execute successful product strategies and roadmaps. Experience in translating technical product requirements into actionable product roadmaps. Familiarity with major public cloud providers such as AWS, Azure, and GCP. Comfortable with public speaking and engaging stage presence. Bachelor's degree in Computer Science or equivalent experience.

We are seeking a talented Product Security Designer to join our innovative team at Wabtec Corporation. As a key player in our design and development processes, you will be responsible for ensuring the highest standards of security in our product offerings. Your expertise will contribute to safeguarding our solutions against emerging threats, enhancing customer trust and satisfaction.

About FaireFaire is a dynamic online wholesale marketplace driven by the belief that the future lies in local commerce. Independent retailers worldwide are achieving greater revenue than giants like Walmart and Amazon combined, yet remain relatively small in stature. At Faire, we harness the power of technology, data, and machine learning to connect this vibrant community of entrepreneurs around the globe. Imagine your favorite local boutique—we empower them to discover the finest products globally to stock their shelves. With the right tools and insights, we aim to level the playing field, enabling small businesses everywhere to compete against large box stores and e-commerce behemoths.By championing the growth of independent enterprises, Faire fosters positive economic impacts within local communities on a global scale. We are on the lookout for intelligent, resourceful, and passionate individuals to join us as we drive the shop-local movement. If you believe in the power of community, we invite you to be a part of ours.Role Description:Our Engineering organization is the backbone of our marketplace, responsible for the software that enables it to function seamlessly. The Product Security team empowers product engineering teams to create and deploy secure software solutions. We prioritize best engineering practices, striving to deliver software that is secure, thoroughly tested, easy to maintain, and capable of scaling to millions of users. We develop scalable, reusable frameworks, consult with product teams, leverage data-driven insights, and continually iterate on our practices.As a Senior Staff Software Engineer in Product Security, you will take on the role of technical lead for the Product Security domain. You will establish the long-term technical vision for integrating security within Faire’s application framework. Collaborating closely with Platform and Product Engineering teams, you will identify and mitigate security vulnerabilities, spearhead significant security initiatives, and mentor engineers across the organization to enhance secure engineering practices.Additionally, you will lead cross-functional programs to embed security deeply within our architecture, pipelines, and developer experience, effectively minimizing risk while maintaining development velocity.In this role, you will:Define the long-term technical strategy for application security at Faire, establishing scalable and developer-friendly frameworks and principles that facilitate secure development across all product areas.

At Confluent, we are not just enhancing technology; we are transforming the way data is utilized. Our innovative platform enables real-time data streaming, allowing businesses to adapt swiftly, create intelligently, and offer experiences that resonate with the ever-changing world.We believe in the power of teamwork and collaboration. Our ideal candidates are those who ask challenging questions, provide constructive feedback, and support one another—no egos, no lone wolves. Just smart, inquisitive individuals working together toward a greater goal.About the Role:As a vital member of our Product Security team, you will play a crucial role in developing impactful security features for Confluent Cloud and enhancing our security platform. Your responsibilities will include designing and implementing identity and access management functionalities, along with scalable authentication and authorization methods such as OAuth, mTLS, RBAC, and ABAC. You will collaborate closely with product, engineering, and InfoSec teams to create seamless yet secure solutions, directly contributing to the enhancement of Confluent Cloud's security framework and ensuring an effortless experience for our users.What You Will Do:Lead the execution of projects independently and deploy them to production with a strong emphasis on quality and customer impact.Work collaboratively with a high-performing team and cross-functional partners to make decisions that benefit both the team and the organization.Diagnose issues, conduct root cause analysis, and enhance operations for complex problems that span multiple cloud environments.Develop clean, well-documented, and maintainable code that complies with established team standards and security best practices.Create value for customers by addressing their most challenging issues.What You Will Bring:2-5 years of relevant experience in software, product, and/or security engineering.Strong fundamentals in the design and development of distributed systems.Experience in building and managing large-scale systems in the cloud.Solid understanding of fundamental systems operations including disk, network, and operating systems.Proficiency in programming languages such as Java, Scala, C/C++, Go, or other statically typed languages.

The Security Product Management team plays a crucial role in maintaining customer trust by ensuring that data security becomes a key market differentiator. This enables MongoDB to thrive in enterprise and regulated sectors. Our team's responsibilities are extensive, encompassing various features such as Networking, Identity and Access Management (IAM), Data Governance, Encryption, Compliance, and Auditing.This position can be performed from our Toronto office or remotely within Canada.

Who are we?At Cohere, our mission is to harness the power of intelligence for the benefit of humanity. We specialize in training and deploying cutting-edge models for developers and enterprises, enabling them to create innovative AI systems that deliver extraordinary experiences in content generation, semantic search, retrieval-augmented generation (RAG), and intelligent agents. Our endeavors are pivotal in accelerating the global adoption of AI technologies.We are dedicated to excellence in our craft. Each team member plays an essential role in enhancing the capabilities of our models and the value they provide to our clients. Our culture is built on hard work, rapid iteration, and a relentless focus on what is best for our customers.Cohere is comprised of a diverse team of researchers, engineers, designers, and more—each a leader in their field. We believe that diverse perspectives are crucial for creating exceptional products.Join us in our quest to shape the future of AI!About the RoleAre you passionate about secure software engineering? Do you aspire to be at the forefront of AI innovation and security? Our North team at Cohere is on the lookout for a Senior Software Engineer focusing on security to join us in our mission and make a substantial impact. This is not merely an advisory position; you will take ownership of and deliver production-level security features that our clients rely upon daily.Your Role:As a Senior Software Engineer with a specialization in security, your contributions will be vital in architecting and securing North's infrastructure. Your responsibilities will encompass:Software Development: Actively participate in the core development of security features like OIDC/OAuth flows and session management, ensuring the security of North's AI agents.Secure Coding: Write robust code to manage OIDC tokens, user claims, and sensitive information, following best practices for JWT validation and encryption.Authentication and Data Protection: Implement authentication protocols, including user login, token management, and authorization checks to safeguard data integrity.Tool Integration: Integrate new security tools to enhance North's capabilities.DevSecOps: Design and execute secret management in Kubernetes clusters, focusing on encryption and role-based access control (RBAC).Cross-functional Collaboration: Utilize strong communication skills to convey security best practices to stakeholders clearly and effectively.You may be a great fit if:You have 5+ years of experience in building secure software applications.You possess a deep understanding of security protocols and practices.You are proficient in coding languages and frameworks relevant to security development.You have a track record of successful collaboration in cross-functional teams.

We are on the lookout for an innovative and strategic Director of Identity and Security Product Management to spearhead our dedicated team in developing cutting-edge security solutions. In this influential role, you will shape and execute our product strategy across critical areas such as Identity and Access Management (IAM), authorization, authentication, Queryable Encryption, and security hardening. Collaborating with stakeholders at all levels, including executive leadership and cross-functional teams, you will ensure our products uphold the highest standards of security and innovation. As the Director, you will partner closely with engineering teams to outline and implement a comprehensive roadmap for IAM, Queryable Encryption, and Database Security, covering the MongoDB Atlas Platform, Core Database, and essential companion services. Your leadership will be pivotal in reinforcing customer trust in MongoDB, empowering them to deploy secure, high-performance applications knowing their data is safeguarded by state-of-the-art security measures. This position is available in Toronto or can be performed remotely across Canada.

Protecting Every Identity, from AI to HumanAt Okta, we believe that identity is the cornerstone for harnessing the potential of AI technology. We are dedicated to securing AI by creating a reliable, neutral infrastructure that empowers organizations to confidently navigate this exciting new landscape. This mission demands a relentless commitment to tackling intricate challenges with significant real-world implications. We are searching for innovators and leaders who thrive in a fast-paced environment and deliver results with precision.As a Senior Security Infrastructure Engineer on our Red Team, you will play a pivotal role within the Product Security team, providing critical security assurance for Okta's products, services, and infrastructure. You will be the first dedicated infrastructure and tooling engineer for a small team of operators, working collaboratively alongside them as a peer in a distinct discipline.In this role, you will take ownership of the engineering backbone that supports our operations, focusing on infrastructure, tooling, and automation within the Red Team. Your responsibilities will include designing, building, maintaining, and continuously enhancing the platforms and tools that our operators rely on for executing their engagements.Your contributions will directly enable the team to operate at a higher maturity level, characterized by rapid infrastructure deployment, resilient OPSEC-aware architectures, automated workflows, and dependable custom tools, allowing operators to concentrate on their core mission. Furthermore, you will foster collaboration with stakeholders and elevate the company's security posture through strategic initiatives and proactive measures. As the team grows, this role has the potential to evolve into platform leadership or a hybrid operator/engineer pathway.

Samsara builds Connected Operations Cloud technology that supports organizations in agriculture, construction, field services, transportation, and manufacturing. The platform uses IoT data to help these industries improve safety, efficiency, and sustainability. As a public company, Samsara empowers team members to influence the future of physical operations, offering both independence and support. Role overview The Senior Security Engineer - Enterprise Security focuses on building, operating, and maintaining security infrastructure for Samsara’s corporate environment. This position collaborates with a global engineering team to develop a security engineering program that follows current best practices. What you will do Work with stakeholders to design security solutions that balance protection with usability Develop automated alerting and response tools for security events Contribute insights on potential threats in production environments Mentor and support junior engineers within the security team Requirements Experience with a range of security technologies and practices Ability to collaborate with global engineering teams Strong communication skills for partnering with stakeholders Located in Canada within the Pacific Standard Time zone This is a fully remote position based in Canada, limited to candidates within the Pacific Standard Time zone.

Location: Remote, Canada or US GitLab Inc. is hiring a Software Security Engineer to work remotely from Canada or the US. This role focuses on strengthening security across the GitLab product and developing tools that detect and prevent abuse on SaaS platforms. The position is part of the Trust and Safety team, which manages core abuse prevention systems and delivers features that help keep customers safe, such as Compromised Password Detection for GitLab.com. What you will do Implement security improvements directly within the GitLab product Develop and maintain tools to identify and prevent abuse on SaaS platforms Analyze abuse patterns and trends, designing systems to stop malicious user activity Support customer safety by building and maintaining prevention mechanisms Who this role suits This position is well suited to software engineers who want to move into security engineering. Experience working with large Ruby on Rails codebases is important. Formal security engineering experience is not required. Learn more Additional details about the Trust and Safety team and this role’s responsibilities can be found in the GitLab handbook and blog. For more on Compromised Password Detection, see this post.

About SentryAt Sentry, we believe bad software should be a thing of the past. Our mission is to empower developers to create better software at an accelerated pace, allowing everyone to enjoy technology again.With over $217 million in funding and a community of more than 100,000 organizations including industry leaders like Disney, Microsoft, and Atlassian, we are on the forefront of building innovative performance and error monitoring solutions. Our tools enable teams to spend less time resolving bugs and more time enhancing their products.Sentry supports a hybrid work environment across our global offices, designating Mondays, Tuesdays, and Thursdays as in-office days to foster collaboration and creativity. If you are passionate about creating solutions that improve digital experiences, join us in developing next-generation software monitoring tools.About The RoleAs a pivotal member of our Security Team, you will play a key role in safeguarding all aspects of Sentry: our clients, our code, and the infrastructure that supports them. We are a tight-knit team that values autonomy, trust, and innovative thinking to address complex security challenges. Our strong developer culture enhances our ability to build a product that millions depend on.In your capacity as a Senior Security Engineer, you will oversee both application and platform security initiatives. Your responsibilities will include shaping security practices, conducting security reviews, threat modeling, and managing vulnerabilities while instilling secure coding practices within our engineering teams. You will collaborate closely with product and engineering teams to ensure security is embedded in the development lifecycle from inception. Your expertise will be crucial as we expand our product capabilities and navigate new security landscapes.In this role, you willLead and enhance Sentry's security review initiatives, including secure code reviews and architecture assessments, establishing a culture where security is integrated into our operational processes.Drive effective vulnerability management practices encompassing intake, triage, prioritization, and tracking of remediation efforts, alongside managing our bug bounty and responsible disclosure program.Advocate for secure-by-design principles by partnering with engineering and product teams to embed security measures early in the development process, integrating security tools into development and CI pipelines.

Join Instacart as a Senior Security Engineer II and become a vital part of our mission to transform the grocery shopping experience. As a key contributor to our security team, you will help protect sensitive data and ensure the security of our platform. You will collaborate with cross-functional teams to develop security protocols, conduct risk assessments, and implement security solutions.

Join Homebase as a Staff Security Engineer specializing in Application Security in a hybrid work environment. In this pivotal role, you will be responsible for enhancing our security posture while ensuring that our applications remain safe and secure. You will collaborate with cross-functional teams to identify vulnerabilities, implement security controls, and promote best practices in application development.We seek a proactive individual who is passionate about cybersecurity and eager to contribute to building robust security solutions. You will play a key role in shaping the security framework of our applications.

About RootlyAt Rootly, we are dedicated to transforming how organizations respond to incidents, striving to enhance reliability across all sectors. Our cutting-edge incident management platform empowers companies globally to address incidents swiftly and effectively. We're not just redefining an industry; we're pioneering a new multi-billion dollar segment and require exceptional talent to help us realize this ambitious vision.Our clients include some of the fastest-growing names in the world, such as NVIDIA, Figma, Canva, Tripadvisor, and Squarespace, who trust Rootly to streamline their critical incident management processes. They appreciate our robust, enterprise-ready platform and collaborative partnership model, consistently rating us 5 stars on G2.Our investors share our enthusiasm. Backed by prominent funds including Y Combinator, along with industry leaders from Dropbox and GitHub, we prioritize transparency in our culture. Monthly financial reviews keep our team informed about the business's health, and our weekly changelog keeps everyone updated on our developments.About the RoleAs a Senior Security Engineer, you will be instrumental in advancing our security initiatives, working closely with diverse teams to ensure the reliability and scalability of our products. You will design systems, tools, and solutions that secure our mission-critical applications while contributing to organization-wide efforts to automate, optimize, and enhance our security protocols.Develop security solutions that not only meet rigorous standards but also exceed the expectations of our developers and customers.Play a key role in vital security initiatives, including identity and access management, vulnerability management, incident response, security control implementation, and infrastructure security.Collaborate closely with engineering teams to deliver secure, reliable, and scalable solutions for our valued customers.With our expanding customer base, tackle intriguing technical challenges to scale our product effectively.Participate in the on-call rotation, swiftly addressing and resolving security incidents as they occur.

About League Established in 2014, League Inc. stands at the forefront of healthcare consumer experience (CX) platforms, leveraging cutting-edge artificial intelligence (AI) to connect with over 63 million individuals globally. Our platform enables payers, providers, and health partners to deliver engaging healthcare solutions that enhance health outcomes. With over $285 million in venture funding, League powers the digital experiences of some of healthcare's most reputable brands, including Highmark Health, Manulife, Medibank, and Shoppers Drug Mart.Position SummaryAs a Senior Staff Security Engineer, you will play a pivotal role in shaping the long-term security architecture and strategy for our platform and engineering organization. Our security engineering teams are vital in integrating security measures throughout the development lifecycle and managing vulnerabilities. We believe in a 'security by design' approach, creating or acquiring tools that seamlessly integrate into our platform, empowering engineers to consistently produce high-quality, secure code.Your responsibilities will extend beyond incremental improvements as you tackle significant and complex security challenges. You will design foundational security components, frameworks, and reference architectures, establishing a 'paved road' that minimizes the risk of insecure code deployment. This role is crucial in embedding security and compliance controls into the foundational fabric of League's technology.About the RoleArchitectural Leadership: Define and advocate for the long-term technical security roadmap, architectural patterns, and standards across League's applications, infrastructure, and multi-cloud environments.Cross-Functional Strategy: Serve as the primary security technical advisor to platform, product, and executive leadership, aligning on multi-quarter security initiatives.Security Design Governance: Lead high-stakes, complex security design initiatives to ensure best practices are followed.