CrawlJobs Logo
Airtable Logo Airtable · IT - Software Development

Product Security Engineer

United States, San Francisco Employment contract 170000.00 - 277000.00 USD / Year · Job Posted December 05, 2025
Apply Position
Job Link Share

Job Description

Join Airtable as a Product Security Engineer and play a pivotal role in shaping the security of our rapidly evolving platform. You will partner closely with product teams to ensure our products are secure by design, drive impactful security programs, and build production-ready code that safeguards our users. This is a unique opportunity to influence application security at scale as we expand our AI and LLM-powered offerings.

Job Responsibility

  • Partner with product teams to review product plans, designs, and code for security considerations
  • Lead and implement programs that raise the bar for application and product security
  • Build and ship frameworks that make it easy for product engineers to ship secure code
  • Triage and drive remediation for findings from external penetration testers
  • Research emerging threats and evolving best practices, especially in AI and LLM safety
  • Work with advisors and third party vendors on penetration tests, security reports and compliance projects
  • Contribute to roadmaps, metrics and strategic planning for the product security team

Requirements

  • 2+ years experience in product security and application security
  • Experience shipping production code
  • Skilled at conducting in-depth security reviews and collaborating with engineering teams
  • Proficient in writing clean, maintainable code
  • Hands-on experience with AI product security for LLM-powered products
  • Strong communicator and collaborator, able to drive security initiatives
  • Comfortable making systems as well as breaking them
  • Familiar with JavaScript or TypeScript, Node, Linux, and AWS or comparable technologies
  • Comfortable working in a fast-paced environment and contributing to long-term security strategy

What we offer

  • Benefits
  • Restricted stock units
  • Incentive compensation
Airtable - All Job Offers

Looking for more opportunities?

Search for other job offers that match your skills and interests.

Suggested Tags: Frontend Developer Secretary Talent Manager Salesforce Administrator Data Analyst
Similar Jobs for

Product Security Engineer

8 matching positions

Product Security Engineer

As a Product Security Engineer at Ema, you sit at the intersection of backend en...
Location
Location
India
Salary
Salary:
Not provided
ema.co Logo
Ema
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 4–7 years of experience building scalable software systems, with a strong emphasis on security engineering
  • Excellent programming skills (Python required
  • Go or similar strongly preferred)
  • Proven experience building internal tools, and frameworks used by engineering teams
  • Proven ability to build security platforms from zero to production scale
  • Strong judgment translating abstract risk into concrete engineering controls
  • Track record of influencing architecture across product, infra, and reliability teams
  • Comfortable owning ambiguous, high-impact security problems end to end
  • Experience integrating security into CI/CD pipelines and developer workflows
  • Comfortable operating cross-functionally with Product, Engineering, and Infra teams
Job Responsibility
Job Responsibility
  • Design, build, and maintain internal security tools and platforms to improve Ema’s overall security posture
  • Implement and improve security controls directly into product and platform workflows
  • Influence engineering architecture and ensure secure-by-design implementations
  • Own and scale application security programs including SAST, SCA, dependency risk, and custom detection logic
  • Support penetration testing efforts by validating findings and engineering durable fixes
  • Perform threat modeling for new features and systems, translating risks into concrete engineering solutions
  • Develop automation to reduce manual security effort across vulnerability management, access reviews, and incident response
  • Conduct secure design and code reviews with a strong focus on exploitable logic flaws and systemic risks
  • Build tooling to surface security signals from production systems and dev workflows
  • Fulltime
Read More
Arrow Right

Product Security Engineer

We are looking for a highly skilled PSIRT Engineer to lead the vulnerability res...
Location
Location
United States , Foster City
Salary
Salary:
180000.00 - 325000.00 USD / Year
replit.com Logo
Replit
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Experience running or triaging for bug bounty programs (HackerOne ideally)
  • Strong ability to triage, validate, and reproduce vulnerabilities independently
  • Deep understanding of web/app/cloud vulnerability classes, OWASP Top 10, misconfigurations, authN/Z issues, etc.
  • Familiarity with cloud platforms (GCP preferred) and SaaS architectures
  • Strong understanding of CI/CD workflows, code structure, and software engineering fundamentals
Job Responsibility
Job Responsibility
  • Manage intake from bug bounty platforms (HackerOne preferred), customer reports, automated scanners, pentest reports, and coordinated disclosure channels
  • Independently validate, reproduce, severity-score, and document findings
  • Identify duplicates and maintain a clean vulnerability records pipeline
  • Assess relevance and exploitability using OWASP, cloud misconfiguration patterns, and identity/authentication/authorization risks (Oauth, OIDC)
  • Work with Engineering, SecOps, IT, SRE, and Cloud Security to confirm product impact and drive remediation
  • Provide detailed reproduction steps, proof-of-concepts, and technical analyses
  • Track SLAs, remediation progress, regression testing, and systemic improvements
  • Support SOC 2, ISO 27001, and pentest evidence needs as part of vulnerability lifecycle governance
  • Design and evolve the bug bounty program, including scope, rules, and reward structures
  • Manage platform selection, private vs. public launches, and community engagement
What we offer
What we offer
  • Competitive Salary & Equity
  • 401(k) Program with a 4% match
  • Health, Dental, Vision and Life Insurance
  • Short Term and Long Term Disability
  • Paid Parental, Medical, Caregiver Leave
  • Commuter Benefits
  • Monthly Wellness Stipend
  • Autonomous Work Environment
  • In Office Set-Up Reimbursement
  • Flexible Time Off (FTO) + Holidays
  • Fulltime
Read More
Arrow Right

Product Security Engineer

The Security Team is responsible for providing key security capabilities coverin...
Location
Location
Germany
Salary
Salary:
Not provided
clickhouse.com Logo
ClickHouse
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Experience supporting engineering and product implementation efforts by performing threat assessments, assurance activities, advisory as well as, in some cases, implementation work across distributed systems covering web, API, client/server assets
  • Strong knowledge of and experience with one or more cloud service providers (e.g. AWS, GCP, Azure), Kubernetes, Cilium
  • Experience implementing and operating engineering security tools and processes (e.g. static / dynamic code analysis, software composition analysis, SBOM, OWASP SAMM, client and network fuzzing tools)
  • Significant development and automation experience, ability to work with C++ code
  • Security as code mindset, with focus on solving problems with automation and scale in mind
Job Responsibility
Job Responsibility
  • Collaborate with engineering and product on improving existing and building new product features with focus on threat modeling, assurance and secure implementation
  • Identify security gaps and vulnerabilities in ClickHouse Cloud and OSS, triage a wide range of vulnerabilities reported via our bug bounty program, responsible disclosure, GitHub Issues covering web, API and server - client assets including low level memory issues like heap or buffer overflows
  • Improve and develop security assurance activities - pentests, vulnerability assessments, bug bounty programs, fuzzing
  • Drive implementation and usage of engineering security tools - static, dynamic code analysis, dependency checks, code licensing compliance (working knowledge of Snyk, Semgrep, GitHub CodeQL)
  • Nurture the engineering - security relationship, identify and implement process and technology improvements
  • Handle information security events and incidents across ClickHouse products and services
  • Develop processes, tooling and automation to scale security processes and mitigate risks to the business
What we offer
What we offer
  • Flexible work environment - ClickHouse is a globally distributed company and remote-friendly
  • Healthcare - Employer contributions towards your healthcare
  • Equity in the company - Every new team member who joins our company receives stock options
  • Time off - Flexible time off in the US, generous entitlement in other countries
  • A $500 Home office setup if you’re a remote employee
  • Global Gatherings – We believe in the power of in-person connection and offer opportunities to engage with colleagues at company-wide offsites
Read More
Arrow Right

Product Security Engineer

Product Security Engineer role in the Tech Foundations area. Tech Foundations en...
Location
Location
France
Salary
Salary:
Not provided
alan.com Logo
Alan
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Strong background in application and infrastructure security
  • Hands-on experience using Software Security, Product Security or Pentesting techniques to identify and mitigate security vulnerabilities in web and mobile applications
  • Experience in protecting organisations from cyber threats and have experience working with platforms to monitor, detect, and respond to security incidents
  • Familiarity with cloud security and modern web application security
  • Well-versed in Object Oriented Programming such as Python, Java, C#
  • Enthusiastic about web technologies such as modern Javascript
  • Willing to work in Python/JavaScript
  • Passionate about building products
  • Self-starting and entrepreneurial
  • Humble and still willing to grow
Job Responsibility
Job Responsibility
  • Strengthen security posture across the engineering organization
What we offer
What we offer
  • Generous equity packages
  • Flexible Office
  • All the tools you need (Macbook Pro, keyboard, laptop stand, monitor, Bose noise-canceling headphones)
  • Flexible vacation policy and flexible working hours
  • Extremely comprehensive health insurance
  • Country-specific commuter benefits
  • Learning & Training opportunities
  • Personal growth through coaching
  • Extended parental leave
  • Fulltime
Read More
Arrow Right

Product Security Engineer

This role involves working primarily from home as a Product Security Engineer fo...
Location
Location
United States
Salary
Salary:
101900.00 - 234500.00 USD / Year
https://www.hpe.com/ Logo
Hewlett Packard Enterprise
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • BS in Electrical Engineering, Computer Science, or related technical field
  • Background in software engineering including C/C++, Python and/or Golang
  • Ability to read and understand source code in C is a must
  • Minimum 2 years of experience working with cryptographic modules in a technical capacity
  • Minimum 3 years of experience in software development of cryptographic modules
  • Minimum 3 years of experience with certification schemes, including Common Criteria, FIPS, DoDIN
  • Minimum 4 years of experience in a position handling government certifications or security testing.
Job Responsibility
Job Responsibility
  • Assist in the execution of Common Criteria, FIPS, and DoDIN-APL certifications across all HPE Aruba Networking product lines
  • Operate as a representative of HPE Aruba Networking with various accredited labs during the evaluation process
  • Assist in the generation of documentation (e.g. FIPS security policies, CC security targets), whether creating/editing directly or working with an external author
  • Provide consulting, information, and advice to developers and QA around how certification works
  • Attend regularly scheduled meetings with accredited labs and engineering/QA to ensure project milestones are on track
  • Communicate gaps and deficiencies found by accredited testing labs to the relevant engineering and product teams to ensure remediation
  • Monitor government standards and communicate to management and engineering when changes are made that may impact a release
  • Assist in the development, compliance, and maintenance of FIPS compliant cryptographic module(s).
What we offer
What we offer
  • Health & Wellbeing
  • Comprehensive suite of benefits supporting physical, financial, and emotional wellbeing
  • Personal & Professional Development
  • Programs catered to career growth
  • Unconditional inclusion and flexibility to manage work and personal needs.
  • Fulltime
Read More
Arrow Right

Product Security Engineer

The Senior Security Engineer/Threat Researcher position will be part of Aruba Th...
Location
Location
United States , Remote
Salary
Salary:
101900.00 - 234500.00 USD / Year
https://www.hpe.com/ Logo
Hewlett Packard Enterprise
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • B.S. or M.S. in software engineering, computer science, cybersecurity, or a related field (or equivalent experience)
  • 7+ years of professional experience in software engineering, vulnerability research, penetration testing, or a related security discipline
  • Programming experience in C and at least one additional language used for secure software development, such as Rust, Go, or Python
  • Hands-on experience with security testing tools and techniques, such as fuzzing, reverse engineering, and exploit development frameworks (e.g., Metasploit, Immunity Debugger, Ghidra, or IDA Pro)
  • Understanding of memory-unsafe vulnerabilities, including buffer overflows, use-after-free, integer overflows, and format string vulnerabilities, as well as mitigation techniques such as ASLR, DEP, and stack canaries
  • Strong knowledge of web application security, including OWASP Top 10 vulnerabilities such as XSS, SQL injection, XXE, CSRF, and insecure deserialization
  • Familiarity with secure coding practices, threat modeling, and static and dynamic application security testing (SAST/DAST) tools
  • Knowledge of modern cryptographic algorithms and security protocols (e.g., TLS, IPsec, OAuth) and their implementation pitfalls
  • Demonstrated ability to analyze, exploit, and remediate security vulnerabilities in complex codebases
  • Strong written and verbal communication skills, with the ability to create detailed technical reports and convey complex concepts to both technical and non-technical stakeholders
Job Responsibility
Job Responsibility
  • Conduct advanced security assessments of HPE Aruba networking products, including manual code reviews and penetration testing, to uncover vulnerabilities such as memory-unsafe errors, insecure deserialization, and authentication/authorization flaws
  • Develop proofs of concept (PoCs) to demonstrate the exploitability of identified vulnerabilities and provide actionable remediation guidance to engineering teams when requested
  • Develop and maintain custom tools to assist in vulnerability discovery, exploit development, and tracking and disclosure of vulnerabilities to the public
  • Assist in managing Aruba’s bug bounty program, collaborating with external researchers and product engineering teams to triage, reproduce, and remediate reported vulnerabilities
  • Assist in writing vulnerability disclosure bulletins and managing the process of releasing those bulletins to the public
  • Serve as a subject-matter expert on secure coding practices, particularly in memory-safe and memory-unsafe programming languages, and evangelize these practices across product engineering teams
  • Conduct original security research on non-Aruba products and technologies, including discovering new vulnerabilities, publishing papers, and presenting at leading security conferences
  • Positively represent Aruba in the global security community by fostering collaboration with security researchers while balancing the goals of researchers with the needs of our customers.
What we offer
What we offer
  • Comprehensive suite of benefits that supports physical, financial, and emotional wellbeing
  • Specific programs catered to helping employees reach career goals
  • Inclusive working environment.
  • Fulltime
Read More
Arrow Right

Product Security Engineer

The Senior Security Engineer/Threat Researcher position will be part of Aruba Th...
Location
Location
Puerto Rico , Aguadilla
Salary
Salary:
Not provided
https://www.hpe.com/ Logo
Hewlett Packard Enterprise
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • B.S. or M.S. in software engineering, computer science, cybersecurity or a related field (or equivalent experience)
  • 6+ years of professional experience in software engineering, vulnerability research, penetration testing, or a related security discipline
  • Programming experience in C and at least one additional language used for secure software development, such as Rust, Go, or Python
  • Hands-on experience with security testing tools and techniques, such as fuzzing, reverse engineering, and exploit development frameworks (e.g., Metasploit, Immunity Debugger, Ghidra, or IDA Pro)
  • Understanding of memory-unsafe vulnerabilities, including buffer overflows, use-after-free, integer overflows, and format string vulnerabilities, as well as mitigation techniques such as ASLR, DEP, and stack canaries
  • Strong knowledge of web application security, including OWASP Top 10 vulnerabilities such as XSS, SQL injection, XXE, CSRF and insecure deserialization
  • Familiarity with secure coding practices, threat modeling, and static and dynamic application security testing (SAST/DAST) tools
  • Knowledge of modern cryptographic algorithms and security protocols (e.g., TLS, IPsec, OAuth) and their implementation pitfalls
  • Demonstrated ability to analyze, exploit, and remediate security vulnerabilities in complex codebases
  • Strong written and verbal communication skills, with the ability to create detailed technical reports and convey complex concepts to both technical and non-technical stakeholders. English advanced
Job Responsibility
Job Responsibility
  • Conduct advanced security assessments of HPE Aruba networking products, including manual code reviews and penetration testing, to uncover vulnerabilities such as memory-unsafe errors, insecure deserialization, and authentication/authorization flaws
  • Develop proofs of concept (PoCs) to demonstrate the exploitability of identified vulnerabilities and provide actionable remediation guidance to engineering teams when requested
  • Develop and maintain custom tools to assist in vulnerability discovery, exploit development, and tracking and disclosure of vulnerabilities to the public
  • Assist in managing Aruba’s bug bounty program, collaborating with external researchers and product engineering teams to triage, reproduce, and remediate reported vulnerabilities
  • Assist in writing vulnerability disclosure bulletins and managing the process of releasing those bulletins to the public
  • Serve as a subject-matter expert on secure coding practices, particularly in memory-safe and memory-unsafe programming languages, and evangelize these practices across product engineering teams
  • Conduct original security research on non-Aruba products and technologies, including discovering new vulnerabilities, publishing papers, and presenting at leading security conferences
  • Positively represent Aruba in the global security community by fostering collaboration with security researchers while balancing the goals of researchers with the needs of our customers
What we offer
What we offer
  • Health & Wellbeing
  • Personal & Professional Development
  • Unconditional Inclusion
  • Fulltime
Read More
Arrow Right

Product Security Engineer

HPE Aruba Networking is looking for a person excited to work at the intersection...
Location
Location
United States , San Juan
Salary
Salary:
Not provided
https://www.hpe.com/ Logo
Hewlett Packard Enterprise
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • BS in Information Security, Computer Science, or related technical field
  • A background in software security, either academic or work experience, including reverse engineering, vulnerability classes such as buffer overflows and their prevention, web application security, and/or cloud security
  • Programming knowledge of at least one programming language with the ability to look at source code and figure out what it’s doing
  • Familiarity with the purpose of tools such as IDEs, compilers, source code revision control systems, ASPM, SCA and code scanners
  • Minimum 3 years of experience working directly in software engineering or in an adjacent field with exposure to the software engineering environment
  • Experience conducting risk assessments, threat modeling, and/or compliance assessments
  • Experience supporting the integration of security practices through the software development lifecycle
Job Responsibility
Job Responsibility
  • Assist in the execution of product compliance assessments against various frameworks (e.g. NIST SSDF, NIST SP 800-218, SP 800-53, CIS Benchmarks)
  • Assist in the development and/or maintenance of GRC and SDLC tooling implementations, including scripting and automation
  • Operate as a representative of HPE Aruba in working groups, with government representatives, and with auditors
  • Provide consulting, information, and advice to product teams around implementing and improving the maturity of our SDLC
  • Document known issues and provide information to product teams in a manner which allows for easy interpretation and corrective actions to be performed
  • Monitor worldwide government standards and communicate to management and product teams when changes are made that may impact an existing control or introduce new requirements
What we offer
What we offer
  • Health & Wellbeing
  • Personal & Professional Development
  • Unconditional Inclusion
  • Fulltime
Read More
Arrow Right