CrawlJobs Logo

Staff Product Security Engineer

crusoe.ai Logo

Crusoe

Location Icon

Location:
United States , San Francisco

Category Icon
Category:
IT - Software Development

Job Type Icon

Contract Type:
Not provided

Salary Icon

Salary:

250000.00 - 285000.00 USD / Year
Save Job
Save Icon
Apply Position

Job Description:

We’re seeking a Staff Product Security Engineer with deep AI/ML security expertise to strengthen Crusoe’s security posture across applications, infrastructure, and distributed AI systems. This is a highly technical role focused on advanced penetration testing, AI/ML attack surface research, and building secure-by-design guardrails that engineering teams rely on. You’ll operate at the intersection of offensive security, AI systems, and production engineering; owning security outcomes end-to-end while influencing system design across the organization.

Job Responsibility:

  • Performing advanced manual penetration testing across complex applications, infrastructure, Kubernetes environments, and distributed microservice ecosystems
  • Leading offensive security initiatives including red team operations, adversary simulation, and security research
  • Securing AI/ML systems end-to-end, including LLM pipelines, vector databases, RAG architectures, and agentic workflows
  • Identifying and researching novel attack surfaces unique to LLMs and autonomous systems, contributing to internal and external AI security research
  • Influencing secure system design across the SDLC, embedding security into CI/CD pipelines, container images, and deployment workflows
  • Integrating and operationalizing security tooling (SAST, DAST, SCA, container scanning) and driving remediation of complex application-layer vulnerabilities
  • Building internal security guardrails such as hardened base images, reusable libraries, and policy-as-code frameworks
  • Developing production-grade security tooling and leading cross-functional security programs from design through deployment

Requirements:

  • 8-10 years of deep hands-on experience in offensive security, including manual penetration testing, red team operations, and adversary simulation
  • Familiarity with modern C2 frameworks (e.g., Cobalt Strike, Sliver, Havoc), exploit development, and security research
  • Strong expertise across the AI/ML stack, including MLOps, inference architectures, vector databases, RAG, and agentic frameworks (e.g., ReAct, Reflexion)
  • Experience building, deploying, and securing LLM pipelines and AI workflows in Kubernetes and/or bare-metal environments
  • Strong software engineering foundations with experience shipping production code in Go, Python, or Rust
  • Hands-on experience securing Kubernetes, containers, VMs, and CI/CD environments
  • Deep understanding of application security vulnerabilities, secure coding practices, and distributed system design
  • Demonstrated ability to lead complex, cross-functional security initiatives end-to-end
  • Strong communication skills with the ability to influence both engineering teams and executive stakeholders

Nice to have:

  • Public contributions to offensive security or AI security research (talks, blogs, tooling, CVEs, etc.)
  • Experience building internal red team or adversary simulation programs
  • Background in high-performance computing, AI infrastructure, or cloud-native platform security
  • Experience designing policy-as-code frameworks at scale
What we offer:
  • Bonus
  • Restricted Stock Units are included in all offers

Additional Information:

Job Posted:
February 21, 2026

Employment Type:
Fulltime
Work Type:
On-site work
Icon
Crusoe - All Job Offers
Job Link Share:
Copy Link Icon
Facebook Icon Twitter Icon LinkedIn Icon

Looking for more opportunities? Search for other job offers that match your skills and interests.

Briefcase Icon

Similar Jobs for Staff Product Security Engineer

Staff Product Security Engineer

As a Staff Product Security Engineer, you will play a crucial role in safeguardi...
Location
Location
France , Paris
Salary
Salary:
Not provided
dashlane.com Logo
Dashlane
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Strong understanding of application security best practices, including experience with threat modeling and risk assessments
  • Demonstrated experience building or improving an SDLC program
  • Familiarity with CI/CD pipelines and their security implications
  • Familiarity with cloud infrastructure (e.g., AWS, Azure, Kubernetes), and Infrastructure-as-Code (e.g., Terraform)
  • Interest in enabling secure use of AI tools to drive efficiency, creativity, and impact internally
  • Communication & Collaboration: You engage and listen empathetically to others, adjusting your communication style to fit the audience and message. You are experienced in communicating with technical and non-technical audiences
  • Mentoring: You enjoy using your knowledge and experience to support and uplevel those around you
  • Motivated Learner: You learn new technologies and processes quickly, and understand where to look for knowledge when you need it
  • Adaptability: You are a jack or jane of all trades - you’re comfortable digging into non-technical parts of the business to provide security support and guidance
Job Responsibility
Job Responsibility
  • Drive the continuous improvement of Dashlane’s security program across the product and company
  • Conduct architecture design reviews, threat modeling, and technical security assessments of Dashlane’s product (application and infrastructure) to identify security risks and provide mitigation guidance
  • Ensure security best practices are integrated throughout the software development lifecycle (SDLC)
  • Build upon and scale Vulnerability Management to ensure the team can track, analyze, and manage vulnerabilities and their remediation
  • Perform risk assessments of Dashlane’s internal systems, environments, assets, and data, and implement security best practices accordingly
  • Evaluate and implement security tooling and/or build customized tooling in-house where necessary
  • Participate in Compliance and Incident Response
  • Innovate and propose new forward-looking security features that protect Dashlane and our users
What we offer
What we offer
  • Equal Parental leave - regardless of gender, up to 20 weeks fully paid leave to take care of their new baby, within the first year of birth or adoption
  • Health insurance covered by Dashlane
  • Mentorship program - select your mentor from our internal pool and continue your learning path!
  • Commute allowance
  • Meal Vouchers (Swile)
  • Mental health services through Spring Health for you and family members
  • 4 extra days off (one per quarter) to acknowledge the importance of your wellbeing
  • Spot in daycare
  • Time off saving account
  • Donation matching program - give back to the community and support actions that lead to positive social impact under the historically marginalized communities. Every donation will be matched by Dashlane
  • Fulltime
Read More
Arrow Right

Staff Product Security Engineer

We’re looking for a Staff Product Security Engineer to lead the design and imple...
Location
Location
United States
Salary
Salary:
184000.00 - 252000.00 USD / Year
alpha-sense.com Logo
AlphaSense
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 7+ years of experience in product, application, or cloud security engineering
  • Deep understanding of secure SDLC, threat modeling, and secure architecture design
  • Proven expertise with AWS cloud security concepts and best practices
  • Strong experience with container security, orchestration, and runtime protection
  • Proficiency in Python, Java, and/or JavaScript for security automation, code review, and tooling
  • Experience securing AI/ML pipelines, data workflows, or model-serving infrastructure
  • Familiarity with DevSecOps and continuous integration/deployment environments
Job Responsibility
Job Responsibility
  • Embed robust security practices throughout the software and AI development lifecycle (SDLC)
  • Lead secure design reviews, threat modeling, and risk assessments for AI-driven products, APIs, and backend services
  • Partner with engineering and product teams to ensure security, privacy, and compliance by design
  • Build and maintain security automation and governance frameworks that integrate seamlessly into development workflows
  • Architect and enforce security controls for AI/ML systems, including model training, data pipelines, and inference environments
  • Identify and mitigate AI-specific attack vectors such as data poisoning, model inversion, prompt injection, and model theft
  • Collaborate with governance and compliance teams to align with ethical AI principles and frameworks like NIST AI RMF and the EU AI Act
  • Implement model provenance, integrity, and auditability controls to ensure responsible and secure AI operations
  • Partner with DevOps and SRE teams to secure service meshes, container networking, and secrets management
  • Drive software supply chain security, including artifact integrity, dependency management, and vulnerability reduction
What we offer
What we offer
  • Competitive compensation, benefits, and career growth opportunities
  • Opportunity to shape and drive product security strategy
  • Collaborative and security-minded engineering culture
  • Work on cutting-edge security challenges in a fast-growing company
  • Performance-based bonus, equity, and a generous benefits program
  • Fulltime
Read More
Arrow Right

Staff Application Security Engineer

As a Staff Application Security Engineer at Culture Amp, you will play a pivotal...
Location
Location
Australia , Sydney
Salary
Salary:
Not provided
cultureamp.com Logo
Culture Amp
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Extensive experience in application security engineering, with a proven track record of leading security initiatives in SaaS or cloud-native environments
  • Deep technical expertise in secure software development, secure coding practices, and common security frameworks (e.g., OWASP Top 10, NIST, PCI, SOC 2)
  • Proficiency in multiple programming languages (e.g., Ruby, Python, JavaScript, Go) and experience with modern web application architectures and cloud platforms (e.g. AWS)
  • Strong knowledge of security automation, CI/CD integration, and DevSecOps practices
  • Experience designing and implementing security tools, frameworks, and processes that scale with developer velocity
  • Demonstrated ability to lead and influence cross-functional teams, drive change, and deliver results in ambiguous or complex environments
  • Excellent communication skills, with the ability to explain complex security concepts to technical and non-technical audiences
  • Experience mentoring and developing engineers, and a passion for building a culture of security and continuous improvement
  • Familiarity with security-related compliance requirements and standards relevant to SaaS businesses
Job Responsibility
Job Responsibility
  • Lead and drive the most complex and high-impact application security reviews, threat modeling, and risk assessments across our product portfolio, providing expert guidance and direction for other team members
  • Collaborate with engineering, product, and platform teams to embed security into the SDLC, including secure design, code review, and automated security testing (DevSecOps)
  • Develop and scale security automation, tools, and centralized libraries that enable developers to build secure applications efficiently and at scale
  • Proactively identify, assess, and address security risks and vulnerabilities in our SaaS environment, including cloud-native and microservices architectures
  • Own and evolve our vulnerability management programs, ensuring timely triage, remediation, and communication of security issues
  • Mentor and support engineers across the organization, fostering a culture of security awareness, knowledge sharing, and continuous learning
  • Influence and drive cross-functional security initiatives, partnering with compliance, privacy, and infrastructure teams to meet regulatory and customer requirements (e.g., SOC 2, ISO 27001, OWASP)
  • Stay current with the latest security threats, technologies, and best practices, and advocate for their adoption within Culture Amp
  • Represent Culture Amp’s security expertise internally and externally, including supporting customer security reviews and contributing to the broader security community
What we offer
What we offer
  • Employee Share Options Program
  • Programs, coaching, and budgets to help you thrive personally and professionally
  • Access to external providers for mental wellbeing and coaching support
  • Monthly Camper Life Allowance
  • Team budgets dedicated to team building activities and connection
  • Intentional quarterly wellbeing pauses
  • Extended year-end breaks
  • Excellent parental leave and in work support program available from day 1
  • 5 Social Impact Days a year
  • MacBooks for you to do your best & a work from home office budget
  • Fulltime
Read More
Arrow Right

Staff Security Engineer

At hyperexponential, we’re building the AI-powered platform that enables the wor...
Location
Location
United Kingdom , London
Salary
Salary:
Not provided
hyperexponential.com Logo
hyperexponential
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Built or significantly contributed to security programmes from the ground up, establishing foundational security controls, compliance readiness, and incident response capabilities
  • Designed and implemented security architecture for cloud-based distributed systems (AWS or equivalent), including multi-account strategies, identity and access management, network security, and data protection
  • Driven technical security improvements by writing code, building tools, and implementing controls that scaled with company growth
  • Integrated security into development workflows through DevSecOps practices including automated testing, secrets management, container security, and infrastructure-as-code security
  • Led or supported compliance initiatives (SOC2, ISO27001, GDPR, or similar), mapping technical controls to compliance requirements and guiding teams through audit cycles
  • Built trust with engineering teams by contributing technically and making security collaborative and frictionless
  • Balanced security rigor with business goals, making risk-based trade-offs that enabled growth while protecting customers and the business
  • Evaluated security implications of AI/ML systems, including understanding AI-specific risks and implementing controls to secure them
Job Responsibility
Job Responsibility
  • Build hx's security programme from the ground up, setting direction for security architecture, compliance, and incident response as we scale globally
  • Design and implement security controls across AWS cloud infrastructure, Kubernetes workloads, and our multi-product platform, ensuring systems are secure by design
  • Integrate security into engineering workflows by embedding automated security testing, vulnerability management, and threat detection into CI/CD pipelines without slowing teams down
  • Lead or contribute to compliance initiatives (SOC2, ISO27001) by implementing technical controls and working cross-functionally with legal, engineering, and business teams to enable enterprise sales
  • Build security automation and tooling by writing code and scripts that scale security practices, detect vulnerabilities, and enforce policies efficiently
  • Partner with Engineering Managers, Principal Engineers, and Product Managers to embed security thinking early in design and architecture decisions
  • Act as a trusted voice in critical moments: responding to incidents, unblocking teams on security questions, and keeping high-stakes initiatives secure and on track
  • Assess and secure AI-powered systems across hx's platform, implementing controls that enable safe adoption of AI while mitigating risks like prompt injection, data leakage, and model vulnerabilities
What we offer
What we offer
  • £5,000 training and conference budget for individual and group development
  • 25 days of holiday plus 8 bank holidays (33 days total)
  • Company pension scheme via Penfold
  • Mental health support and therapy via Spectrum.life
  • Individual wellbeing allowance via Juno
  • Private healthcare insurance through AXA
  • Income protection and Life Insurance
  • Cycle to Work Scheme
  • Top-spec equipment (laptop, screens, adjustable desks, etc.)
  • Regular remote and in-person hackathons, lunch and learns, socials, and game nights
  • Fulltime
Read More
Arrow Right

Staff Security Engineer

At hyperexponential, we’re building the AI-powered platform that enables the wor...
Location
Location
Poland , Warsaw
Salary
Salary:
Not provided
hyperexponential.com Logo
hyperexponential
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Built or significantly contributed to security programmes from the ground up
  • Designed and implemented security architecture for cloud-based distributed systems (AWS or equivalent)
  • Driven technical security improvements by writing code, building tools, and implementing controls
  • Integrated security into development workflows through DevSecOps practices
  • Led or supported compliance initiatives (SOC2, ISO27001, GDPR, or similar)
  • Evaluated security implications of AI/ML systems
Job Responsibility
Job Responsibility
  • Build hx's security programme from the ground up
  • Design and implement security controls across AWS cloud infrastructure, Kubernetes workloads, and our multi-product platform
  • Integrate security into engineering workflows by embedding automated security testing, vulnerability management, and threat detection into CI/CD pipelines
  • Lead or contribute to compliance initiatives (SOC2, ISO27001)
  • Build security automation and tooling by writing code and scripts
  • Partner with Engineering Managers, Principal Engineers, and Product Managers to embed security thinking early in design and architecture decisions
What we offer
What we offer
  • Share Options
  • 25 days of non-working + 14 Polish bank holidays (B2B) / 26 days of holiday + 14 Polish bank holidays (UoP)
  • £5,000 budget for Learning & Development
  • Mental Health Support and Therapy via Spectrum Life
  • Optional access to Healthcare package provided by Luxmed + Multisport (B2B)
  • Top-spec laptop (MacOS or Windows)
  • Company pension (UoP)
  • 10 days company sick pay at 100% salary (UoP)
  • Monthly wellbeing allowance via Juno (UoP)
  • Healthcare package provided by Luxmed (UoP)
  • Fulltime
Read More
Arrow Right

Staff Cloud Security Engineer

We're making the world of digital assets accessible and secure for everyone. Joi...
Location
Location
France , Paris
Salary
Salary:
Not provided
https://www.ledger.com Logo
Ledger
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years of experience in DevSecOps & automation, security assessment, and cloud-native environments
  • 8+ years of experience on information security
  • Proficiency working in Unix/Linux environments, Git, Python, Terraform, Kubernetes, AWS cloud solutions and architectures, CI/CD tools, configuration management, etc.
  • Hands-on experience with security tooling deployment, monitoring, and incident response
  • Proven track record of cross-functional work, with the ability to collaborate effectively with various teams and stakeholders
  • Excellent presentation and written communication skills
  • Ability to work autonomously, deal with ambiguity, and handle high-pressure situations.
Job Responsibility
Job Responsibility
  • Collaborate with the Infrastructure, the engineering and the Donjon teams to integrate security into the delivery plans, ensure early detection and mitigation of security vulnerabilities
  • Work closely with the Donjon, the product Security team responsible, to provide automation and tooling for product security evaluation integration in CI/CD pipeline
  • Engage in proactive security practices, including penetration testing, vulnerability assessments, and Infrastructure Security (IaC) code reviews to ensure Ledger's platforms and applications are secure
  • Participate in the design and implementation of security architectures, from the design to the risk assessment
  • Act as the primary point of contact for any security incidents, ensuring rapid response, mitigation, and post-incident analysis
  • Drive the adoption of DevSecOps culture, best practices, and methodologies across the organization, ensuring continuous security improvement.
What we offer
What we offer
  • Equity: Employees are the foundation of our success, and we award stock options so you can share in that success as we grow
  • Flexibility: A hybrid work policy
  • Social: Annual company outing for Ledgerdary Days, plus frequent social events, snacks and drinks
  • Medical: Comprehensive health insurance policy offering extensive medical, dental and vision care coverage
  • Well-being: Personal development, coaching & fitness with our dedicated partners
  • Vacation: Five weeks of paid leave per year, in addition to national holidays and rest & relaxation (RTT) days
  • High tech: Access to high performance office equipment and gadgets, including Apple products
  • Transport: Ledger reimburses part of your preferred means of transportation
  • Discounts: Employee discount on all our products.
  • Fulltime
Read More
Arrow Right

Senior Product Security Engineer

Designs, develops, troubleshoots and debugs security programs for software enhan...
Location
Location
United States
Salary
Salary:
Not provided
https://www.hpe.com/ Logo
Hewlett Packard Enterprise
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's or Master's degree in Computer Science, Information Systems, or equivalent
  • Typically 6-10 years experience in a security role
  • Extensive experience with product security for multiple software systems design tools and languages
  • Excellent analytical and problem solving skills
  • Experience in overall architecture of software systems for products and solutions
  • Designing and integrating software systems running on multiple platform types into overall security architecture
  • Evaluating forms and processes for software systems security testing and methodology, including writing and execution of test plans, debugging, and testing scripts and scanning tools
  • Excellent written and verbal communication skills
  • mastery in English and local language
Job Responsibility
Job Responsibility
  • Leads multiple projects & teams of other software systems engineers and internal and outsourced development partners to integrate security into all stages of design and development for complex products and platforms, including solution design, analysis, coding, testing, and integration
  • Manages and expands relationships with internal and outsourced development partners on software systems secure design and development
  • Reviews and evaluates designs and project activities for compliance with systems design and security guidelines and standards
  • provides tangible feedback to improve product quality and mitigate failure risk
  • Provides security expertise, leadership and perspective to cross-organization projects, programs, and activities
  • Drives innovation and integration of new technologies into projects and activities in the software systems design organization
  • Provides guidance and mentoring to less- experienced staff members
What we offer
What we offer
  • Health & Wellbeing
  • Personal & Professional Development
  • Unconditional Inclusion
  • Fulltime
Read More
Arrow Right

Staff Application Security Engineer

As a Staff Application Security Engineer at Culture Amp, you will play a pivotal...
Location
Location
Australia , Melbourne; Sydney
Salary
Salary:
Not provided
cultureamp.com Logo
Culture Amp
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Extensive experience in application security engineering, with a proven track record of leading security initiatives in SaaS or cloud-native environments
  • Deep technical expertise in secure software development, secure coding practices, and common security frameworks (e.g., OWASP Top 10, NIST, PCI, SOC 2)
  • Proficiency in multiple programming languages (e.g., Ruby, Python, JavaScript, Go) and experience with modern web application architectures and cloud platforms (e.g. AWS)
  • Strong knowledge of security automation, CI/CD integration, and DevSecOps practices
  • Experience designing and implementing security tools, frameworks, and processes that scale with developer velocity
  • Demonstrated ability to lead and influence cross-functional teams, drive change, and deliver results in ambiguous or complex environments
  • Excellent communication skills, with the ability to explain complex security concepts to technical and non-technical audiences
  • Experience mentoring and developing engineers, and a passion for building a culture of security and continuous improvement
  • Familiarity with security-related compliance requirements and standards relevant to SaaS businesses
Job Responsibility
Job Responsibility
  • Lead and drive the most complex and high-impact application security reviews, threat modeling, and risk assessments across our product portfolio, providing expert guidance and direction for other team members
  • Collaborate with engineering, product, and platform teams to embed security into the SDLC, including secure design, code review, and automated security testing (DevSecOps)
  • Develop and scale security automation, tools, and centralized libraries that enable developers to build secure applications efficiently and at scale
  • Proactively identify, assess, and address security risks and vulnerabilities in our SaaS environment, including cloud-native and microservices architectures
  • Own and evolve our vulnerability management programs, ensuring timely triage, remediation, and communication of security issues
  • Mentor and support engineers across the organization, fostering a culture of security awareness, knowledge sharing, and continuous learning
  • Influence and drive cross-functional security initiatives, partnering with compliance, privacy, and infrastructure teams to meet regulatory and customer requirements (e.g., SOC 2, ISO 27001, OWASP)
  • Stay current with the latest security threats, technologies, and best practices, and advocate for their adoption within Culture Amp
  • Represent Culture Amp’s security expertise internally and externally, including supporting customer security reviews and contributing to the broader security community
What we offer
What we offer
  • Employee Share Options Program
  • Programs, coaching, and budgets to help you thrive personally and professionally
  • Access to external providers for mental wellbeing and coaching support
  • Monthly Camper Life Allowance
  • Team budgets dedicated to team building activities and connection
  • Intentional quarterly wellbeing pauses
  • Extended year-end breaks
  • Excellent parental leave and in work support program available from day 1
  • 5 Social Impact Days a year
  • MacBooks for you to do your best & a work from home office budget
Read More
Arrow Right
Jobs by Category
Art and Entertainment Jobs Banking Jobs Call Center Jobs Construction Jobs Consulting Jobs Customer Service Jobs Education Jobs Energy Jobs Finance Jobs Gastronomy Jobs Health and Beauty Jobs Hospitality and Tourism Jobs Human Resources Jobs Insurance Jobs IT - Administration Jobs IT - Software Development Jobs Legal Jobs Logistics Jobs Manufacturing Jobs Marketing, Digital Marketing, SEO, SEM Jobs Media Jobs Nursing Jobs Office Administration Jobs Pharmacy Jobs Physical Work Jobs Public Relations Jobs Public Sector Jobs Purchasing Jobs Quality Control Jobs Real Estate Jobs Research and Development Jobs Sales Jobs
Job Positions Jobs by Country
United States Jobs United Kingdom Jobs India Jobs Canada Jobs Australia Jobs Germany Jobs Ireland Jobs Poland Jobs
Company
Blog About Us Contact
Follow Us
Facebook
X (Twitter)
LinkedIn
Instagram
CrawlJobs Group
ITFlashcards AllDevBlogs
© 2026 CrawlJobs Ltd. All Rights Reserved
Terms & Conditions Privacy Policy