Product Security Engineer

Join Movable Ink as a Product Security Engineer and play a pivotal role in safeguarding our codebases, CI/CD pipelines, and overall development practices. In this hands-on position, you'll adopt a security-first mindset while collaborating with engineering teams to streamline software delivery while minimizing risk. Your expertise will be crucial in enhancing automation processes that protect our code and infrastructure, especially in the face of rising threats from AI coding tools and supply chain attacks. This role is vital for proactively identifying and mitigating vulnerabilities before they are deployed to production.

Join Affirm as a Senior Product Security Engineer, where you will play a vital role in safeguarding our products and services against security threats. In this position, you will work closely with cross-functional teams to identify vulnerabilities, design secure systems, and implement robust security measures.Your expertise will help us not only to protect our assets but also to foster trust with our customers. If you're passionate about security and eager to make an impact in a dynamic environment, we want to hear from you!

Join Lattice as a Product Security Engineer and be at the forefront of safeguarding our products and services. In this pivotal role, you will collaborate with cross-functional teams to identify, assess, and mitigate security vulnerabilities throughout the product lifecycle.Your expertise in security best practices will contribute to designing secure systems, conducting threat modeling, and performing security reviews. You will play a crucial role in ensuring our products meet the highest standards of security, protecting both our users and our organization.

As a Staff Product Security Engineer at Affirm, you will play a critical role in safeguarding our products and systems by identifying vulnerabilities and implementing effective security measures. Your expertise will help shape our security strategies, ensuring that we maintain the highest standards of security throughout the product lifecycle.You will collaborate closely with cross-functional teams, providing guidance on security best practices and conducting threat assessments. Your work will directly impact the security posture of our products and the trust of our customers.

Role Overview Wabtec Corporation is seeking a Product Security Designer in Québec. This role focuses on shaping and applying security frameworks to protect the integrity and safety of our products. What You Will Do Design security frameworks for new and existing products Implement measures that safeguard product integrity Work with teams to ensure security standards are met throughout development

We are seeking a talented Product Security Designer to join our innovative team at Wabtec Corporation. As a key player in our design and development processes, you will be responsible for ensuring the highest standards of security in our product offerings. Your expertise will contribute to safeguarding our solutions against emerging threats, enhancing customer trust and satisfaction.

About FaireFaire is a dynamic online wholesale marketplace driven by the belief that the future lies in local commerce. Independent retailers worldwide are achieving greater revenue than giants like Walmart and Amazon combined, yet remain relatively small in stature. At Faire, we harness the power of technology, data, and machine learning to connect this vibrant community of entrepreneurs around the globe. Imagine your favorite local boutique—we empower them to discover the finest products globally to stock their shelves. With the right tools and insights, we aim to level the playing field, enabling small businesses everywhere to compete against large box stores and e-commerce behemoths.By championing the growth of independent enterprises, Faire fosters positive economic impacts within local communities on a global scale. We are on the lookout for intelligent, resourceful, and passionate individuals to join us as we drive the shop-local movement. If you believe in the power of community, we invite you to be a part of ours.Role Description:Our Engineering organization is the backbone of our marketplace, responsible for the software that enables it to function seamlessly. The Product Security team empowers product engineering teams to create and deploy secure software solutions. We prioritize best engineering practices, striving to deliver software that is secure, thoroughly tested, easy to maintain, and capable of scaling to millions of users. We develop scalable, reusable frameworks, consult with product teams, leverage data-driven insights, and continually iterate on our practices.As a Senior Staff Software Engineer in Product Security, you will take on the role of technical lead for the Product Security domain. You will establish the long-term technical vision for integrating security within Faire’s application framework. Collaborating closely with Platform and Product Engineering teams, you will identify and mitigate security vulnerabilities, spearhead significant security initiatives, and mentor engineers across the organization to enhance secure engineering practices.Additionally, you will lead cross-functional programs to embed security deeply within our architecture, pipelines, and developer experience, effectively minimizing risk while maintaining development velocity.In this role, you will:Define the long-term technical strategy for application security at Faire, establishing scalable and developer-friendly frameworks and principles that facilitate secure development across all product areas.

At Confluent, we are not just enhancing technology; we are transforming the way data is utilized. Our innovative platform enables real-time data streaming, allowing businesses to adapt swiftly, create intelligently, and offer experiences that resonate with the ever-changing world.We believe in the power of teamwork and collaboration. Our ideal candidates are those who ask challenging questions, provide constructive feedback, and support one another—no egos, no lone wolves. Just smart, inquisitive individuals working together toward a greater goal.About the Role:As a vital member of our Product Security team, you will play a crucial role in developing impactful security features for Confluent Cloud and enhancing our security platform. Your responsibilities will include designing and implementing identity and access management functionalities, along with scalable authentication and authorization methods such as OAuth, mTLS, RBAC, and ABAC. You will collaborate closely with product, engineering, and InfoSec teams to create seamless yet secure solutions, directly contributing to the enhancement of Confluent Cloud's security framework and ensuring an effortless experience for our users.What You Will Do:Lead the execution of projects independently and deploy them to production with a strong emphasis on quality and customer impact.Work collaboratively with a high-performing team and cross-functional partners to make decisions that benefit both the team and the organization.Diagnose issues, conduct root cause analysis, and enhance operations for complex problems that span multiple cloud environments.Develop clean, well-documented, and maintainable code that complies with established team standards and security best practices.Create value for customers by addressing their most challenging issues.What You Will Bring:2-5 years of relevant experience in software, product, and/or security engineering.Strong fundamentals in the design and development of distributed systems.Experience in building and managing large-scale systems in the cloud.Solid understanding of fundamental systems operations including disk, network, and operating systems.Proficiency in programming languages such as Java, Scala, C/C++, Go, or other statically typed languages.

The Security Product Management team plays a crucial role in maintaining customer trust by ensuring that data security becomes a key market differentiator. This enables MongoDB to thrive in enterprise and regulated sectors. Our team's responsibilities are extensive, encompassing various features such as Networking, Identity and Access Management (IAM), Data Governance, Encryption, Compliance, and Auditing.This position can be performed from our Toronto office or remotely within Canada.

Who are we?At Cohere, our mission is to harness the power of intelligence for the benefit of humanity. We specialize in training and deploying cutting-edge models for developers and enterprises, enabling them to create innovative AI systems that deliver extraordinary experiences in content generation, semantic search, retrieval-augmented generation (RAG), and intelligent agents. Our endeavors are pivotal in accelerating the global adoption of AI technologies.We are dedicated to excellence in our craft. Each team member plays an essential role in enhancing the capabilities of our models and the value they provide to our clients. Our culture is built on hard work, rapid iteration, and a relentless focus on what is best for our customers.Cohere is comprised of a diverse team of researchers, engineers, designers, and more—each a leader in their field. We believe that diverse perspectives are crucial for creating exceptional products.Join us in our quest to shape the future of AI!About the RoleAre you passionate about secure software engineering? Do you aspire to be at the forefront of AI innovation and security? Our North team at Cohere is on the lookout for a Senior Software Engineer focusing on security to join us in our mission and make a substantial impact. This is not merely an advisory position; you will take ownership of and deliver production-level security features that our clients rely upon daily.Your Role:As a Senior Software Engineer with a specialization in security, your contributions will be vital in architecting and securing North's infrastructure. Your responsibilities will encompass:Software Development: Actively participate in the core development of security features like OIDC/OAuth flows and session management, ensuring the security of North's AI agents.Secure Coding: Write robust code to manage OIDC tokens, user claims, and sensitive information, following best practices for JWT validation and encryption.Authentication and Data Protection: Implement authentication protocols, including user login, token management, and authorization checks to safeguard data integrity.Tool Integration: Integrate new security tools to enhance North's capabilities.DevSecOps: Design and execute secret management in Kubernetes clusters, focusing on encryption and role-based access control (RBAC).Cross-functional Collaboration: Utilize strong communication skills to convey security best practices to stakeholders clearly and effectively.You may be a great fit if:You have 5+ years of experience in building secure software applications.You possess a deep understanding of security protocols and practices.You are proficient in coding languages and frameworks relevant to security development.You have a track record of successful collaboration in cross-functional teams.

Protecting Every Identity, from AI to HumanAt Okta, we believe that identity is the cornerstone for harnessing the potential of AI technology. We are dedicated to securing AI by creating a reliable, neutral infrastructure that empowers organizations to confidently navigate this exciting new landscape. This mission demands a relentless commitment to tackling intricate challenges with significant real-world implications. We are searching for innovators and leaders who thrive in a fast-paced environment and deliver results with precision.As a Senior Security Infrastructure Engineer on our Red Team, you will play a pivotal role within the Product Security team, providing critical security assurance for Okta's products, services, and infrastructure. You will be the first dedicated infrastructure and tooling engineer for a small team of operators, working collaboratively alongside them as a peer in a distinct discipline.In this role, you will take ownership of the engineering backbone that supports our operations, focusing on infrastructure, tooling, and automation within the Red Team. Your responsibilities will include designing, building, maintaining, and continuously enhancing the platforms and tools that our operators rely on for executing their engagements.Your contributions will directly enable the team to operate at a higher maturity level, characterized by rapid infrastructure deployment, resilient OPSEC-aware architectures, automated workflows, and dependable custom tools, allowing operators to concentrate on their core mission. Furthermore, you will foster collaboration with stakeholders and elevate the company's security posture through strategic initiatives and proactive measures. As the team grows, this role has the potential to evolve into platform leadership or a hybrid operator/engineer pathway.

Samsara builds Connected Operations Cloud technology that supports organizations in agriculture, construction, field services, transportation, and manufacturing. The platform uses IoT data to help these industries improve safety, efficiency, and sustainability. As a public company, Samsara empowers team members to influence the future of physical operations, offering both independence and support. Role overview The Senior Security Engineer - Enterprise Security focuses on building, operating, and maintaining security infrastructure for Samsara’s corporate environment. This position collaborates with a global engineering team to develop a security engineering program that follows current best practices. What you will do Work with stakeholders to design security solutions that balance protection with usability Develop automated alerting and response tools for security events Contribute insights on potential threats in production environments Mentor and support junior engineers within the security team Requirements Experience with a range of security technologies and practices Ability to collaborate with global engineering teams Strong communication skills for partnering with stakeholders Located in Canada within the Pacific Standard Time zone This is a fully remote position based in Canada, limited to candidates within the Pacific Standard Time zone.

Location: Remote, Canada or US GitLab Inc. is hiring a Software Security Engineer to work remotely from Canada or the US. This role focuses on strengthening security across the GitLab product and developing tools that detect and prevent abuse on SaaS platforms. The position is part of the Trust and Safety team, which manages core abuse prevention systems and delivers features that help keep customers safe, such as Compromised Password Detection for GitLab.com. What you will do Implement security improvements directly within the GitLab product Develop and maintain tools to identify and prevent abuse on SaaS platforms Analyze abuse patterns and trends, designing systems to stop malicious user activity Support customer safety by building and maintaining prevention mechanisms Who this role suits This position is well suited to software engineers who want to move into security engineering. Experience working with large Ruby on Rails codebases is important. Formal security engineering experience is not required. Learn more Additional details about the Trust and Safety team and this role’s responsibilities can be found in the GitLab handbook and blog. For more on Compromised Password Detection, see this post.

Join Homebase as a Staff Security Engineer specializing in Application Security in a hybrid work environment. In this pivotal role, you will be responsible for enhancing our security posture while ensuring that our applications remain safe and secure. You will collaborate with cross-functional teams to identify vulnerabilities, implement security controls, and promote best practices in application development.We seek a proactive individual who is passionate about cybersecurity and eager to contribute to building robust security solutions. You will play a key role in shaping the security framework of our applications.

About RootlyAt Rootly, we are dedicated to transforming how organizations respond to incidents, striving to enhance reliability across all sectors. Our cutting-edge incident management platform empowers companies globally to address incidents swiftly and effectively. We're not just redefining an industry; we're pioneering a new multi-billion dollar segment and require exceptional talent to help us realize this ambitious vision.Our clients include some of the fastest-growing names in the world, such as NVIDIA, Figma, Canva, Tripadvisor, and Squarespace, who trust Rootly to streamline their critical incident management processes. They appreciate our robust, enterprise-ready platform and collaborative partnership model, consistently rating us 5 stars on G2.Our investors share our enthusiasm. Backed by prominent funds including Y Combinator, along with industry leaders from Dropbox and GitHub, we prioritize transparency in our culture. Monthly financial reviews keep our team informed about the business's health, and our weekly changelog keeps everyone updated on our developments.About the RoleAs a Senior Security Engineer, you will be instrumental in advancing our security initiatives, working closely with diverse teams to ensure the reliability and scalability of our products. You will design systems, tools, and solutions that secure our mission-critical applications while contributing to organization-wide efforts to automate, optimize, and enhance our security protocols.Develop security solutions that not only meet rigorous standards but also exceed the expectations of our developers and customers.Play a key role in vital security initiatives, including identity and access management, vulnerability management, incident response, security control implementation, and infrastructure security.Collaborate closely with engineering teams to deliver secure, reliable, and scalable solutions for our valued customers.With our expanding customer base, tackle intriguing technical challenges to scale our product effectively.Participate in the on-call rotation, swiftly addressing and resolving security incidents as they occur.

About League Established in 2014, League Inc. stands at the forefront of healthcare consumer experience (CX) platforms, leveraging cutting-edge artificial intelligence (AI) to connect with over 63 million individuals globally. Our platform enables payers, providers, and health partners to deliver engaging healthcare solutions that enhance health outcomes. With over $285 million in venture funding, League powers the digital experiences of some of healthcare's most reputable brands, including Highmark Health, Manulife, Medibank, and Shoppers Drug Mart.Position SummaryAs a Senior Staff Security Engineer, you will play a pivotal role in shaping the long-term security architecture and strategy for our platform and engineering organization. Our security engineering teams are vital in integrating security measures throughout the development lifecycle and managing vulnerabilities. We believe in a 'security by design' approach, creating or acquiring tools that seamlessly integrate into our platform, empowering engineers to consistently produce high-quality, secure code.Your responsibilities will extend beyond incremental improvements as you tackle significant and complex security challenges. You will design foundational security components, frameworks, and reference architectures, establishing a 'paved road' that minimizes the risk of insecure code deployment. This role is crucial in embedding security and compliance controls into the foundational fabric of League's technology.About the RoleArchitectural Leadership: Define and advocate for the long-term technical security roadmap, architectural patterns, and standards across League's applications, infrastructure, and multi-cloud environments.Cross-Functional Strategy: Serve as the primary security technical advisor to platform, product, and executive leadership, aligning on multi-quarter security initiatives.Security Design Governance: Lead high-stakes, complex security design initiatives to ensure best practices are followed.

About the RoleGreetings! I'm Dave Dowe, the Senior Manager of Security Engineering at Jane. Over the past two years, I've had the privilege of leading our dedicated team that safeguards our platform, focusing on incident response, cloud security, and essential operational functions.Our Security Operations team stands as the frontline of our security program. We are the initial point of contact for team inquiries, diligently monitoring alerts, triaging incidents, and being the go-to individuals when challenges arise. This role is crucial because true security is a collaborative effort; it thrives on trust and open communication between engineering and security teams. In this position, you will have the opportunity to explore AI and automation to streamline workflows, reduce repetitive tasks, and maximize your contributions.We're seeking a candidate who perceives security as a partnership rather than a barrier. You will manage a security service desk, respond to and act upon alerts across our tools, and participate in on-call rotations, all while genuinely supporting the teams you work with. Expect to work with clarity and empathy, build trust through consistent follow-through, and foster a security culture that teams are eager to engage with.This is an L2 position where you'll independently handle defined security operations tasks while closely collaborating with our Enterprise and Cloud Security engineers.Your ImpactReduce operational toil: Innovate security workflows using AI and automation, develop simple tools to ease team efforts, and share insights from your experiences, both successes and lessons learned.Build trust: Foster strong relationships with engineering and cloud teams by addressing security requests with genuine care, clear communication, and dependable follow-through, encouraging teams to seek your guidance early on.Own alert triage and incident response: Ensure prompt and thorough investigation of security findings, escalate issues appropriately, and maintain clear documentation for team learning.Maintain security tools: Keep our security tools well-configured and updated based on hands-on experience, proactively spotting issues to prevent alert fatigue and missed threats.Collaborate in incident response: Efficiently manage on-call shifts, independently resolve incidents where possible, thoughtfully escalate when needed, and view every incident as a learning opportunity.

Overall Purpose: The Network Security Engineer will be responsible for designing and implementing robust network security solutions across all phases of network security. This includes leveraging Managed Security Services encompassing Firewalls, IDS, Proxies, and Routers to safeguard Telecommunications and third-party client networks.Roles & Responsibilities:Deliver intricate network security solutions that support customer billable projects, ensuring timely delivery while meeting both business and technical requirements.Investigate attempts or successful breaches to systems security and devise effective countermeasures.Oversee the maintenance and management of hardware, software, network firewalls, and encryption protocols.Administer security policies to regulate both physical and virtual access to systems.Provide management with insights regarding the detrimental impacts on the business resulting from theft, destruction, alteration, or denial of access to information and systems.

Why join usAt Brex, we are revolutionizing the way businesses manage their finances with our AI-powered spending platform. Our integrated corporate cards, banking services, and global payment solutions empower companies to spend confidently. From startups to multinational enterprises, including well-known names like DoorDash, Flexport, and Compass, our platform enables proactive spend management, cost reduction, and enhanced efficiency worldwide.Joining Brex means embracing challenges and pushing boundaries while collaborating with some of the most talented professionals in the field. We are dedicated to fostering a diverse and inclusive workplace, believing that your potential is limited only by your imagination. We provide the tools, resources, and support necessary for you to advance your career.Engineering at BrexEngineering at Brex focuses on scalability, speed, and purposeful development. Our teams, encompassing Software, Data, Security, and IT, operate with high levels of autonomy and collaboration. We tackle complex technical challenges, take ownership of our results, and strive for excellence at every stage—from architecture to deployment. This is where engineering is an art, and builders emerge as leaders.What you’ll doAs a Senior Application Security Engineer, your primary objective will be to identify and address security vulnerabilities across the Brex platform. You will conduct code reviews, design evaluations, penetration testing, and manage vulnerabilities. Additionally, you will create and enhance tools for both static and dynamic testing of the platform and support secure development workflows. Being part of the broader Financial Scale organization, you will collaborate closely with teams in Security Operations, GRC, Product Security, Front End Platform, and IT Infrastructure.We seek individuals with a robust background and passion for penetration testing. You should have a proven track record of discovering vulnerabilities in intricate systems and developing exploits to illustrate their potential impact on the business. This role is highly collaborative and cross-functional, offering opportunities to work with various engineering teams across Brex. You should be excited about engaging with diverse backgrounds and roles. Ensuring world-class security is imperative for delivering world-class financial services.Brex is at the forefront of integrating AI into financial services, catering to dynamic and high-impact organizations like Coinbase, Robinhood, and Anthropic. This role presents a unique opportunity to influence the future of our AI-driven product suite.

Why Choose Brex?At Brex, we are revolutionizing spending through our AI-driven platform. Our integrated solutions for corporate cards, banking, and payments empower businesses to manage their expenses confidently. Trusted by thousands of companies, from innovative startups to established enterprises like DoorDash and Flexport, we enable our clients to optimize spending, cut costs, and enhance efficiency on a global scale.Joining Brex means pushing boundaries, challenging norms, and collaborating with some of the brightest minds in the industry. We are dedicated to fostering a diverse team and an inclusive culture, believing that your potential is only limited by your aspirations. We provide the tools, resources, and support necessary for you to thrive in your career.Engineering at BrexOur engineering team is focused on creating scalable systems with speed and purpose. We operate across Software, Data, Security, and IT, promoting high autonomy and deep collaboration. We tackle complex technical challenges, take ownership of our results, and strive for excellence in all aspects from architecture to deployment. Here, engineering is a craft, and builders evolve into leaders.Your RoleAs a Senior Security Operations Engineer at Brex, your primary responsibility will involve preventing, detecting, and responding to security threats within our corporate and cloud environments. You will leverage existing systems and develop innovative tools to enhance our security posture. Your role encompasses various functions across corporate security, detection and response, and infrastructure security, and you will engage in systems engineering and automation to support these endeavors.Your contributions will extend to our broader Trust & IT organization, collaborating closely with teams in Application Security, Corporate Engineering, GRC, and IT to enhance security configurations, promote positive employee behaviors, and proactively prevent incidents. Additionally, you will help maintain and contribute to our open-source project Substation and have the chance to engage with the Brex Tech Blog. You will be part of a team that actively contributes to the security community and is committed to mentorship and engineering excellence.