CrawlJobs Logo

Security Engineer, Product Security

Germany, Berlin · Job Posted July 08, 2026
Apply Position
Job Link Share

Job Responsibility

  • Take ownership of tasks that improve our security automation and strengthen our product security pipelines
  • Proactively explore the use of AI for vulnerability detection and remediation
  • Continuously learn and share knowledge about how vulnerabilities apply in our specific product context
  • Support the team by enhancing our services with software engineering solutions
  • Collaborate closely with stakeholders across the product department and gain broad exposure to how a growing SaaS company operates
  • Maintain our outbound e-mail security by regularly reviewing the related metrics
  • Maintain our Web Application Firewall ruleset
  • Maintain our central HTML sanitization service written in Typescript

Requirements

  • Practical knowledge of security topics (e.g. penetration testing, secure software development, vulnerability management, SAST, DAST)
  • Programming knowledge, preferably one of the following: TypeScript, JavaScript, Kotlin, Java, Go, or Python
  • Practical knowledge of Unix basics and Kubernetes infrastructure, preferably managed via Terraform and Kustomize
  • Strong communication skills in English (German is a plus)

Nice to have

German is a plus

What we offer

  • Competitive Compensation - we offer attractive salary packages including LTIP (unit-based Long Term Incentive Plan)
  • Flexibility - we offer flexible working time models and the option of hybrid work, and support this with a yearly flex work allowance of €1560
  • Recharge - with 31 vacation days annually (incl. one floating holiday), plus pro rata fully paid Fridays off during August
  • Support - we’re offering a company pension scheme
  • Volunteers Day - you’ll get one day off per year for supporting a social project

Looking for more opportunities?

Search for other job offers that match your skills and interests.

Similar Jobs for

Security Engineer, Product Security

8 matching positions

Security Engineer, Product Security

We are seeking a highly technical Security Engineer to join our Product Security...
Location
Location
United States , New York, NY; San Francisco, CA; Seattle, WA; Washington, DC
Salary
Salary:
237600.00 - 297000.00 USD / Year
scale.com Logo
Scale
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Demonstrated ability to drive multi-month security initiatives independently, from problem definition through execution, without requiring significant direction
  • Proven experience as a Security Engineer with a focus on product security
  • Proficiency in NodeJS, TypeScript, Python, and/or Kubernetes
  • Strong understanding of modern Javascript application design
  • Production experience operating and securing AWS infrastructure at scale
  • Hands-on experience with SAST and DAST tools and methodologies
  • Familiarity with terraform orchestration for infrastructure management
  • You can structure complex problems and diagnose root causes independently, providing actionable insights without requiring manager input
  • Excellent communication skills, with the ability to clearly present technical concepts and their implications to both technical and non-technical stakeholders
  • Demonstrated ability to influence security strategies and drive improvements within a team
Job Responsibility
Job Responsibility
  • Leverage broad product security expertise to build and maintain software tooling that secures every layer of the modern AI/ML software ecosystem
  • Conduct in-depth code reviews to identify and remediate security vulnerabilities
  • Evaluate and enhance the security of our product offerings, through RFC and service review
  • Implement and maintain CI/CD pipelines with a strong focus on security
  • Perform Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST) to identify vulnerabilities in production code
  • Utilize terraform orchestration to ensure secure and efficient infrastructure management
  • Guide engineering teams to build robust long-term solutions that consider security and privacy
  • Clearly explain the mechanics and significance of security vulnerabilities, including their exploitability and potential impact
  • Influence the security strategy and direction of the team, advocating for best practices and continuous improvement
What we offer
What we offer
  • Comprehensive health, dental and vision coverage
  • retirement benefits
  • learning and development stipend
  • generous PTO
  • commuter stipend
  • Fulltime
Read More
Arrow Right

Security Engineer, Product Security

We are seeking a highly technical Security Engineer to join our Product Security...
Location
Location
United States , San Francisco; Seattle; New York
Salary
Salary:
189200.00 - 236500.00 USD / Year
scale.com Logo
Scale
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Proven experience as a Security Engineer with a focus on product security
  • Proficiency in NodeJS, TypeScript, Python, and/or Kubernetes
  • Strong understanding of modern Javascript application design
  • Production experience with Kubernetes backed services
  • Hands-on experience with SAST and DAST tools and methodologies
  • Familiarity with terraform orchestration for infrastructure management
  • Ability to structure complex problems and diagnose root causes independently, providing actionable insights without requiring manager input
  • Excellent communication skills, with the ability to clearly present technical concepts and their implications to both technical and non-technical stakeholders
  • Demonstrated ability to influence security strategies and drive improvements within a team
  • Relevant security certifications (e.g., CISSP, CEH, OSCP) are a plus
Job Responsibility
Job Responsibility
  • Conduct in-depth code reviews to identify and remediate security vulnerabilities
  • Evaluate and enhance the security of our product offerings, through RFC and service review
  • Implement and maintain CI/CD pipelines with a strong focus on security
  • Perform Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST) to identify vulnerabilities in production code
  • Utilize terraform orchestration to ensure secure and efficient infrastructure management
  • Guide engineering teams to build robust long-term solutions that consider security and privacy
  • Clearly explain the mechanics and significance of security vulnerabilities, including their exploitability and potential impact
  • Influence the security strategy and direction of the team, advocating for best practices and continuous improvement
What we offer
What we offer
  • Comprehensive health, dental and vision coverage
  • retirement benefits
  • a learning and development stipend
  • generous PTO
  • additional benefits such as a commuter stipend
  • equity grant
  • Fulltime
Read More
Arrow Right

Senior Security Engineer and Principal Security Engineer (Multiple Positions)- Windows Security

The Microsoft Windows Security team is looking for learn-it-all security enginee...
Location
Location
United States , Redmond
Salary
Salary:
119800.00 - 274800.00 USD / Year
https://www.microsoft.com/ Logo
Microsoft Corporation
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Master's Degree in Statistics, Mathematics, Computer Science, or related field AND 3+ years experience in security or related field
  • OR Bachelor's Degree in Statistics, Mathematics, Computer Science, or related field AND 4+ years experience in security or related field
  • OR equivalent experience
  • Ability to meet Microsoft, customer and/or government security screening requirements are required for this role
  • Microsoft Cloud Background Check
Job Responsibility
Job Responsibility
  • Participate in security reviews to identify and mitigate risk in Microsoft products, including design reviews, code reviews, and fuzzing
  • Be the security contact for teams building new innovative products and technologies in the next version of Windows and devices
  • Identify security vulnerabilities in a wide variety of key OS features such as network protocols, security features, and Microsoft devices
  • Leverage a broad and current understanding of security to devise new protections
  • Interact with the external security community and security researchers
  • Collaborate with product teams to improve security, and articulate the business value of security investments
  • Fulltime
Read More
Arrow Right

Staff Security Engineer, Product Security

At Mozilla, we believe the internet is a global public resource—open and accessi...
Location
Location
Salary
Salary:
Not provided
mozilla.org Logo
Mozilla
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years of relevant hands-on experience in product and application security
  • 5+ years of experience and proficiency in secure coding practices, application security testing (SAST, DAST), threat modeling, and vulnerability assessment
  • Experience in one or more languages like Python, Go, Java, or JavaScript, required for automation and code review
  • Familiarity with security tools like Burp Suite, Nessus, and tools for CI/CD automation
  • Strong communication, collaboration, and problem-solving skills, with the ability to influence and guide cross-functional teams
Job Responsibility
Job Responsibility
  • Safeguard millions of users by embedding security into Firefox, Mozilla VPN, and other mission-critical products
  • Ensure software products are secure by embedding security into the full Software Development Life Cycle (SDLC)
  • Anticipate, prioritize and mitigate risks through proactive threat modeling, security assessments, security testing, and automation
  • Perform security code reviews
  • Lead penetration testing on web, mobile, and embedded applications, then guide remediation efforts
  • Develop and maintain automated security tests within CI/CD pipelines to catch vulnerabilities early
  • Partner with engineers to integrate security throughout the software development lifecycle—not as an afterthought, but as a core design principle. Provide security guidance, develop secure solutions, and facilitate secure releases
  • Help define and enforce security policies and provide security guidance to development teams
  • Help shape Mozilla's security culture through collaboration, guidance, and education
What we offer
What we offer
  • Generous performance-based bonus plans to all eligible employees - we share in our success as one team
  • Rich medical, dental, and vision coverage
  • Generous retirement contributions with 100% immediate vesting (regardless of whether you contribute)
  • Quarterly all-company wellness days where everyone takes a pause together
  • Country specific holidays plus a day off for your birthday
  • One-time home office stipend
  • Annual professional development budget
  • Quarterly well-being stipend
  • Considerable paid parental leave
  • Employee referral bonus program
  • Fulltime
Read More
Arrow Right

Staff Security Engineer, Product Security

At Mozilla, we believe the internet is a global public resource—open and accessi...
Location
Location
Salary
Salary:
Not provided
mozilla.org Logo
Mozilla
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years of relevant hands-on experience in product and application security
  • 5+ years of experience and proficiency in secure coding practices, application security testing (SAST, DAST), threat modeling, and vulnerability assessment
  • Experience in one or more languages like Python, Go, Java, or JavaScript, required for automation and code review
  • Familiarity with security tools like Burp Suite, Nessus, and tools for CI/CD automation
  • Strong communication, collaboration, and problem-solving skills, with the ability to influence and guide cross-functional teams
Job Responsibility
Job Responsibility
  • Safeguard millions of users by embedding security into Firefox, Mozilla VPN, and other mission-critical products
  • Ensure software products are secure by embedding security into the full Software Development Life Cycle (SDLC)
  • Anticipate, prioritize and mitigate risks through proactive threat modeling, security assessments, security testing, and automation
  • Perform security code reviews
  • Lead penetration testing on web, mobile, and embedded applications, then guide remediation efforts
  • Develop and maintain automated security tests within CI/CD pipelines to catch vulnerabilities early
  • Partner with engineers to integrate security throughout the software development lifecycle—not as an afterthought, but as a core design principle. Provide security guidance, develop secure solutions, and facilitate secure releases
  • Help define and enforce security policies and provide security guidance to development teams
  • Help shape Mozilla's security culture through collaboration, guidance, and education
What we offer
What we offer
  • Generous performance-based bonus plans to all eligible employees - we share in our success as one team
  • Rich medical, dental, and vision coverage
  • Generous retirement contributions with 100% immediate vesting (regardless of whether you contribute)
  • Quarterly all-company wellness days where everyone takes a pause together
  • Country specific holidays plus a day off for your birthday
  • One-time home office stipend
  • Annual professional development budget
  • Quarterly well-being stipend
  • Considerable paid parental leave
  • Employee referral bonus program
Read More
Arrow Right

Senior Application Security / Product Security Engineer

We are seeking an experienced Application Security / Product Security Engineer t...
Location
Location
India , Mumbai
Salary
Salary:
Not provided
Galaxy Office Automation Pvt. Ltd.
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Strong understanding of Application Security and Product Security principles
  • Experience with secure SDLC practices
  • Hands-on experience performing security testing for Web applications, APIs, Mobile apps, Thick client applications
  • Knowledge of cloud platforms (AWS / Azure / GCP) and cloud security architecture
  • Experience performing security design reviews and threat modeling
  • Familiarity with OWASP Top 10, API Security Top 10, and common vulnerability classes
  • Experience using security tools such as SAST, DAST, SCA
  • API testing tools
  • Good working knowledge of Excel for tracking vulnerabilities, metrics, and reporting
  • Strong task management and stakeholder coordination skills
Job Responsibility
Job Responsibility
  • Integrate security practices into the Software Development Lifecycle (SDLC)
  • Perform application security design reviews for new and existing products
  • Conduct manual and automated security testing of Web applications, REST / GraphQL APIs, Mobile applications (Android / iOS), Thick client / desktop applications
  • Identify vulnerabilities such as OWASP Top 10, authentication issues, authorization flaws, and API security risks
  • Review cloud architecture and deployments (AWS, Azure, GCP) for security best practices
  • Work with development teams to prioritize and remediate vulnerabilities
  • Perform threat modeling and security architecture assessments
  • Track vulnerabilities, remediation status, and risk metrics using Excel or vulnerability management tools
  • Support secure coding practices and developer security awareness
  • Manage multiple security assessments and coordinate tasks across teams
  • Fulltime
Read More
Arrow Right

Application Security / Product Security Engineer

We are looking for an Application Security / Product Security Engineer to suppor...
Location
Location
European Union
Salary
Salary:
Not provided
itransition.com Logo
Itransition
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 2–5 years of experience in Application Security, Product Security, DevSecOps, Security Operations, or related cybersecurity roles
  • General understanding of Secure SDLC and application security principles
  • Experience working with security tools or processes related to vulnerability management, CI/CD security, or dependency/security scanning
  • Familiarity with Jira or similar ticketing/tracking systems
  • Understanding of common application security risks and vulnerabilities
  • Ability to document processes and communicate effectively with technical teams
  • English skills sufficient for technical communication and participation in project discussions
Job Responsibility
Job Responsibility
  • Support Software Composition Analysis (SCA) processes and open-source license compliance activities
  • Help implement and maintain secret detection practices, including pre-commit hooks and CI/CD secret scanning
  • Participate in vulnerability management activities: vulnerability scanning, triage and prioritization, Jira ticket tracking, remediation follow-up and SLA monitoring
  • Collaborate with engineering teams to improve Secure SDLC and CI/CD security practices
  • Support security tooling integrations within CI/CD pipelines (e.g., GitHub Actions)
  • Maintain security-related documentation and assist with audit/compliance activities
  • Contribute to asset inventory and security governance processes
  • Work with development and infrastructure teams to improve overall security posture
What we offer
What we offer
  • Projects for such clients as PayPal, Wargaming, Xerox, Philips, Adidas and Toyota
  • Competitive compensation that depends on your qualification and skills
  • Career development system with clear skill qualifications
  • Flexible working hours aligned to your schedule
  • Options to work remotely
  • Corporate medical insurance covering services of private and public medical centers
  • English courses online
  • Corporate parties and events for employees and their children
  • Internal conferences, workshops and meetups for learning and experience sharing
  • Gym membership compensation
  • Fulltime
Read More
Arrow Right

Senior Security Engineer and Principal Security Engineer

The Microsoft Windows Security team is looking for a learn-it-all security engin...
Location
Location
United States , Redmond
Salary
Salary:
119800.00 - 234700.00 USD / Year
https://www.microsoft.com/ Logo
Microsoft Corporation
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Master's Degree in Statistics, Mathematics, Computer Science, or related field AND 3+ years experience in security or related field OR Bachelor's Degree in Statistics, Mathematics, Computer Science, or related field AND 4+ years experience in security or related field OR equivalent experience
  • Ability to meet Microsoft, customer and/or government security screening requirements
  • Microsoft Cloud Background Check upon hire/transfer and every two years thereafter
  • 2+ years identifying vulnerabilities in operating systems and/or native (C/C++) applications
  • 5+ years of experience in a software engineering or security-related engineering
  • Demanstrated experience in security research, especially around vulnerability discovery
  • Experience exploiting bugs and bypassing security mitigations in operating systems
  • Familiarity with Microsoft Windows architecture
Job Responsibility
Job Responsibility
  • Participate in security reviews to identify and mitigate risk in Microsoft products, including design reviews, code reviews, and fuzzing
  • Be the security contact for teams building new innovative products and technologies in the next version of Windows and devices
  • Identify security vulnerabilities in a wide variety of key OS features such as network protocols, security features, and Microsoft devices
  • Leverage a broad and current understanding of security to devise new protections
  • Interact with the external security community and security researchers
  • Collaborate with product teams to improve security, and articulate the business value of security investments
  • Fulltime
Read More
Arrow Right