Back to jobsApply
Greenlight

The money app for families.

Staff Product Security Engineer

Security EngineerSecurity EngineerFull TimeRemoteTeam 201-500Since 2014H1B SponsorCompany SiteLinkedIn

Location

United States

Posted

3 days ago

Salary

$165K - $200K / year

Bachelor Degree10 yrs expEnglishCloudSDLC

Job Description

• Lead security architecture/design review and threat modeling sessions with product and engineering teams using STRIDE, PASTA and attack tree methodologies. • Translate threats into actionable, risk-rated engineering remediations prioritized by severity. • Conduct hands-on penetration testing and security assessments across our full product stack producing actionable reports for engineering and leadership. • Red-Team our AI powered products and development tools to test for prompt injection, data exfiltration, MCP server exploitation, and tool misuse. Probe AI guardrails to ensure they hold. • Drive PSIRT Operations by triaging incoming vulnerability reports, leading technical investigations, coordinating remediation with engineering, scoring severity (CVSS), managing coordinated disclosure with external researchers and on-call incidents. This includes managing zero day findings, driving remediation, collaborating with engineering to patch or mitigate with compensating controls. • Shape the posture of our AI assisted development environment defining and enforcing enterprise policies for claude and cursor. • Partner across the organization, sitting in design review with architects, advising product managers and engineering teams on security and compliance implications of new features, briefing executives on emerging AI threats, mentoring junior security engineers and collaborating with the AI team on securing ML pipelines. • Champion Security Culture by running developer training on secure coding with AI assistants, evangelizing security by design for products and ensuring every engineer understands that product security is an enabler and not a gate.

Job Requirements

  • 10+ years of product security experience spanning application security, cloud security, and secure SDLC. you will have full SDLC experience from design through development, deployment and incident response.
  • Expert level Threat Modeling using STRIDE, PASTA or equivalent across web, mobile, cloud, embedded and AI systems.
  • Hands-on penetration testing skills across applications, API, cloud infrastructure, and hardware/firmware. You think like an attacker and you can provide it through published research, CVE discoveries, bug bounty results or red-team engagements.
  • PSIRT operational experience from vulnerability intake and triage. You are fluent in CVE, CVSS, FIRST PSIRT frameworks.
  • Deep hands down AI security expertise and expert level understanding of OWASP Top 10 for LLM, API, Web, Mobile and have practical experience with MITRE.
  • Strong hands-on experience in security tools SAST, DAST, SCA, and securing AI development tools specifically Claude and Cursor.
  • You understand MCP security risks and know how to architect enterprise guardrails that enable safe AI-assisted development. You have defined policies for AI generated code, secrets scanning, and DLP for outbound AI traffic.
  • Strong programming ability enough to review code, build security tools, automate workflows and be credible with the engineering teams you partner with.
  • Ability to influence without authority, mentor without managing , and communicate complex risks in a language that resonates with engineers, product managers, legal and compliance and executives alike.

Benefits

  • Medical, dental, vision, and HSA match
  • Paid life insurance, AD&D, and disability benefits
  • Traditional 401k with company match
  • Unlimited PTO
  • Paid company holidays and pop-up bonus holidays
  • Professional development stipends
  • Mental health resources
  • 1:1 financial planners
  • Fertility healthcare
  • 100% paid parental and caregiving leave, plus cleaning service and meals during your leave
  • Flexible WFH, both remote and in-office opportunities
  • Fully stocked kitchen, catered lunches, and occasional in-office happy hours
  • Employee resource groups

Related Categories

Security Engineer

Related Job Pages

Remote Full-time Jobs (US)More US Remote Jobs

More Security Engineer Jobs

Senior Security Engineer – Infrastructure & Automation

Webflow

Webflow is the way to design, build, and launch powerful websites visually — without coding.

Security Engineer3 days ago
Full TimeRemoteTeam 501-1,000Since 2013H1B Sponsor
Company SiteLinkedIn

Senior Security Engineer enhancing Webflow's infrastructure security for cloud environments

AWSCloudFirewallsGoogle Cloud PlatformJavaScriptKubernetesPythonTerraformGo
View details: Senior Security Engineer – Infrastructure & Automation
California
$139K - $198K / year
Apply

Lead Security Engineer

Swiftly, Inc.

Making cities move more efficiently

Security Engineer3 days ago
Full TimeRemoteTeam 51-200H1B No Sponsor
Company SiteLinkedIn

The Lead Security Engineer will own the security risk register and threat models, driving remediation across application and infrastructure, while designing secure architectures for SaaS, mobile, and IoT integrations. This role also involves leading compliance renewals like SOC 2, defining security standards, and building DevSecOps guardrails into CI/CD pipelines.

AWSTerraformCI/CDDevSecOpsSOC 2IAMNetworkingLoggingMonitoringSecrets ManagementPolicy-as-CodeOPASentinelContainer SecurityOrchestration SecurityThreat ModelingRisk AssessmentIncident ResponseApplication Security
View details: Lead Security Engineer
United States + 1 moreAll locations: United States, Canada
$140K - $200K / year
Apply

High School Science Teacher 2026 - 2027

Stride, Inc.

Making learners future-ready

Security Engineer3 days ago
Full TimeRemoteTeam 5,001-10,000Since 2000H1B No Sponsor
Company SiteLinkedIn

The High School Science Teacher is responsible for delivering specific course content in an online environment, providing instruction, managing the learning process, and actively working with students and parents to advance learning goals. Essential functions include providing engaging synchronous and asynchronous learning experiences, differentiating instruction, maintaining the grade book, and preparing students for high-stakes standardized tests.

View details: High School Science Teacher 2026 - 2027
United States
Apply

Cybersecurity Engineer

Talent Frequency
Security Engineer3 days ago
Full TimeRemote

We are seeking a Cybersecurity Engineer to help protect our organization's systems, networks, and data from cyber threats. This role will design, implement, and maintain security controls and technologies while monitoring and responding to security incidents. The ideal candidate ...

SIEMIDSIPSEDRFirewallEndpoint SecurityVulnerability ManagementIncident ResponseNetwork SecurityAWSAzureGCPPythonBashPowerShellPenetration TestingThreat HuntingDevSecOpsNISTISO 27001CIS
View details: Cybersecurity Engineer
United States
Apply