Principal Security Researcher for Spellbook, focused on securing legal AI workflows and sensitive data. Engaging in red teaming, security research, and cross - department collaboration for risk reduction.
About the role
- Senior Product Security Engineer overseeing product security for a growing SaaS company. Challenging role leading security initiatives and collaborating across development teams to fortify applications and infrastructure.
Responsibilities
- Lead secure architecture reviews and threat modeling for new features, major changes, and sensitive workflows/integrations, translating outcomes into concrete mitigations teams can ship.
- Build and evolve secure “paved road” components—standards, defaults, and reusable frameworks—so the secure path is the easiest path.
- Integrate and tune automated controls in CI/CD to prevent vulnerabilities from reaching production.
- Improve developer experience by making security tooling and guardrails easy to use, and serve as a trusted security partner by providing practical guidance so teams can ship secure features faster and reduce repeat issues.
- Perform targeted code reviews and assessments on high-risk areas to proactively identify security issues.
- Continuously improve the processes for intake, prioritization, resolution, and recurrence prevention of vulnerabilities. Coordinate external penetration tests and vulnerability disclosure submissions.
- Partner with DevOps/platform teams to harden infrastructure and embed practical guardrails that reduce risk across cloud environments, IAM, Kubernetes, and deployment pipelines.
- Improve dependency and third-party risk management through scalable workflows that reduce exposure and speed response.
- Define lightweight, outcome-based metrics to focus effort on the highest-impact risk reductions.
- Implement AI-assisted security workflows to improve early detection, reduce noise, and accelerate remediation, with human verification.
- Support triage of infrequent security events impacting the product, and drive post-incident learnings into preventative controls.
Requirements
- 5+ years of experience in product security, application security, security engineering, or equivalent experience as a software engineer or architect with substantial security ownership.
- Hands-on software development experience and the ability to read and write production code in one or more languages (e.g., Python, C#, Ruby, JavaScript/TypeScript).
- Security certifications (e.g., OSCP, OSWE, cloud security certifications) are helpful but not required—demonstrated impact matters most.
Benefits
- Health insurance
- Paid time off
- Professional development opportunities
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
Tech skills
Location requirements
Report this job
Found something wrong with the page? Please let us know by submitting a report below.
Security Consultant serving as the main contact for security services at Akamai. Provide guidance and implement solutions for customer needs regarding security products.
Senior IT Security Engineer at NEAR Foundation leading information security program and compliance initiatives. Partnering with IT teams for secure architectural design and risk management.
Bilingual Security Director for International SOS driving revenue growth of health security subscription services in Canada. Supporting consulting, training, and managed services with trusted client relationships.
Program Manager driving complex engineering projects within the Product Security organization at CrowdStrike. Collaborating cross - functionally to ensure timely delivery of security solutions across product portfolios.
Security Engineer focused on matching technology opportunities with customer business objectives at Tenable. Delivering technical presentations and driving successful customer engagements in cybersecurity solutions.
Business Development & Capture Lead for Global Spatial Technology Solutions driving revenue growth in defence sector. Engaging senior stakeholders and leading proposal development across global markets from a remote location.
IT & Security Specialist managing IT operations, security, and infrastructure for Senstar, a leader in security technology. Hands - on role blending end - user support, cybersecurity, and infrastructure management.
HR Systems Security Specialist responsible for design, configuration, and administration of security within Workday and SAP. Collaborating with HR and stakeholders to ensure effective access design and compliance.
Cybersecurity advisor working within the DCYB to develop IT security measures. Collaborating with teams to fortify cybersecurity posture and ensuring data protection for citizens.