CrawlJobs Logo
Rogo Logo Rogo · IT - Software Development

Staff Security Engineer, Product

United States, New York City · Job Posted February 18, 2026
Apply Position
Job Link Share

Job Description

At Rogo, we are building Wall Street's first true AI analyst. Our mission is to empower finance professionals at the world’s top investment banks, private equity funds, and investment firms with AI that delivers unparalleled speed, accuracy, and insight. We are not just improving financial workflows; we are redefining them from the ground up. As a Staff Security Engineer at Rogo, you’ll play a key role in strengthening the security of our products, applications, and cloud environments. You’ll identify and address vulnerabilities through code reviews, penetration testing, and security assessments, while also building tools and automation that improve how we protect our AI-driven platform. You’ll partner closely with development teams to integrate security into the software development lifecycle, ensuring secure coding practices and automated scanning are part of everyday workflows. Beyond engineering, you’ll provide guidance to stakeholders and help continue to foster a culture where security is a shared responsibility.

Job Responsibility

  • Drive product and application security by designing and building backend systems, abstractions, tooling, and guardrails that enable the entire engineering team to ship products secure-by-default
  • Design, build, and maintain backend features, frameworks, services, and automation that enforce security controls across the platform
  • Perform dynamic security reviews, threat modeling, and penetration testing of applications and APIs
  • Own the end-to-end implementation of automated security reviews within Rogo’s SDLC
  • Contribute directly to backend codebases by fixing and remediating vulnerabilities discovered via SAST, DAST, SCA, IaC, or internal tooling
  • Design and implement security tools and automated pipelines that streamline developer workflows and integrate deeply with Rogo’s platform
  • Build and maintain test environments and simulation ranges to validate security controls at scale
  • Partner with engineers across the company to embed secure coding practices and guardrails into CI/CD pipelines
  • Create and maintain secure coding standards and provide guidance and training to developers
  • Review and secure cloud infrastructure and kubernetes deployments, including hands-on Terraform and other IaC improvements, as it relates to product security
  • Respond to security incidents, perform root cause analysis, and strengthen systems against recurring risks
  • Share emerging security threats, patterns, and best practices with engineering and leadership teams

Requirements

  • Strong backend engineer whose primary job is to design, build, and maintain the abstractions, tooling, and guardrails that allow the entire engineering team to ship product securely by default, without slowing down velocity
  • Worked as a backend engineer owning systems, services, or platforms, building security capabilities directly into those systems
  • Professional experience developing in a strongly typed language (e.g., Rust, C++, Java)
  • Demonstrated deep experience in application security testing, penetration testing, and code review
  • You’ve worked with, or are excited to learn, tools that help you understand how systems behave under stress or misuse (security-specific tools like Burp, ZAP, or Snyk are a plus)
  • You’ve integrated automated checks into CI/CD pipelines (SCA, SAST, DAST)
  • You’re comfortable working with infrastructure automation (Terraform or equivalents)
  • Strong communication skills and ability to collaborate with developers, product teams, and leadership
  • Applied knowledge of threat modeling, cryptography fundamentals, and vulnerability management
  • Understanding of security frameworks such as SOC 2, CIS Benchmarks, ISO 27001/42001, or NIST CSF

Nice to have

  • Hands-on cloud security experience in AWS or GCP
  • Familiarity with Kubernetes security (RBAC, admission controllers, ingress, and network policies)
  • Customer facing meetings when deep dive sessions are needed
Rogo - All Job Offers

Looking for more opportunities?

Search for other job offers that match your skills and interests.

Suggested Tags: Frontend Developer Secretary Talent Manager Salesforce Administrator Data Analyst
Similar Jobs for

Staff Security Engineer, Product

8 matching positions

Staff Security Engineer, Product Security

At Mozilla, we believe the internet is a global public resource—open and accessi...
Location
Location
United States; Canada , Remote
Salary
Salary:
Not provided
mozilla.org Logo
Mozilla
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years of relevant hands-on experience in product and application security
  • 5+ years of experience and proficiency in secure coding practices, application security testing (SAST, DAST), threat modeling, and vulnerability assessment
  • Experience in one or more languages like Python, Go, Java, or JavaScript, required for automation and code review
  • Familiarity with security tools like Burp Suite, Nessus, and tools for CI/CD automation
  • Strong communication, collaboration, and problem-solving skills, with the ability to influence and guide cross-functional teams
Job Responsibility
Job Responsibility
  • Safeguard millions of users by embedding security into Firefox, Mozilla VPN, and other mission-critical products
  • Ensure software products are secure by embedding security into the full Software Development Life Cycle (SDLC)
  • Anticipate, prioritize and mitigate risks through proactive threat modeling, security assessments, security testing, and automation
  • Perform security code reviews
  • Lead penetration testing on web, mobile, and embedded applications, then guide remediation efforts
  • Develop and maintain automated security tests within CI/CD pipelines to catch vulnerabilities early
  • Partner with engineers to integrate security throughout the software development lifecycle—not as an afterthought, but as a core design principle. Provide security guidance, develop secure solutions, and facilitate secure releases
  • Help define and enforce security policies and provide security guidance to development teams
  • Help shape Mozilla's security culture through collaboration, guidance, and education
What we offer
What we offer
  • Generous performance-based bonus plans to all eligible employees - we share in our success as one team
  • Rich medical, dental, and vision coverage
  • Generous retirement contributions with 100% immediate vesting (regardless of whether you contribute)
  • Quarterly all-company wellness days where everyone takes a pause together
  • Country specific holidays plus a day off for your birthday
  • One-time home office stipend
  • Annual professional development budget
  • Quarterly well-being stipend
  • Considerable paid parental leave
  • Employee referral bonus program
  • Fulltime
Read More
Arrow Right

Staff Security Engineer, Product Security

At Mozilla, we believe the internet is a global public resource—open and accessi...
Location
Location
Salary
Salary:
Not provided
mozilla.org Logo
Mozilla
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years of relevant hands-on experience in product and application security
  • 5+ years of experience and proficiency in secure coding practices, application security testing (SAST, DAST), threat modeling, and vulnerability assessment
  • Experience in one or more languages like Python, Go, Java, or JavaScript, required for automation and code review
  • Familiarity with security tools like Burp Suite, Nessus, and tools for CI/CD automation
  • Strong communication, collaboration, and problem-solving skills, with the ability to influence and guide cross-functional teams
Job Responsibility
Job Responsibility
  • Safeguard millions of users by embedding security into Firefox, Mozilla VPN, and other mission-critical products
  • Ensure software products are secure by embedding security into the full Software Development Life Cycle (SDLC)
  • Anticipate, prioritize and mitigate risks through proactive threat modeling, security assessments, security testing, and automation
  • Perform security code reviews
  • Lead penetration testing on web, mobile, and embedded applications, then guide remediation efforts
  • Develop and maintain automated security tests within CI/CD pipelines to catch vulnerabilities early
  • Partner with engineers to integrate security throughout the software development lifecycle—not as an afterthought, but as a core design principle. Provide security guidance, develop secure solutions, and facilitate secure releases
  • Help define and enforce security policies and provide security guidance to development teams
  • Help shape Mozilla's security culture through collaboration, guidance, and education
What we offer
What we offer
  • Generous performance-based bonus plans to all eligible employees - we share in our success as one team
  • Rich medical, dental, and vision coverage
  • Generous retirement contributions with 100% immediate vesting (regardless of whether you contribute)
  • Quarterly all-company wellness days where everyone takes a pause together
  • Country specific holidays plus a day off for your birthday
  • One-time home office stipend
  • Annual professional development budget
  • Quarterly well-being stipend
  • Considerable paid parental leave
  • Employee referral bonus program
  • Fulltime
Read More
Arrow Right

Staff Security Engineer, Product Security

At Mozilla, we believe the internet is a global public resource—open and accessi...
Location
Location
Salary
Salary:
Not provided
mozilla.org Logo
Mozilla
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years of relevant hands-on experience in product and application security
  • 5+ years of experience and proficiency in secure coding practices, application security testing (SAST, DAST), threat modeling, and vulnerability assessment
  • Experience in one or more languages like Python, Go, Java, or JavaScript, required for automation and code review
  • Familiarity with security tools like Burp Suite, Nessus, and tools for CI/CD automation
  • Strong communication, collaboration, and problem-solving skills, with the ability to influence and guide cross-functional teams
Job Responsibility
Job Responsibility
  • Safeguard millions of users by embedding security into Firefox, Mozilla VPN, and other mission-critical products
  • Ensure software products are secure by embedding security into the full Software Development Life Cycle (SDLC)
  • Anticipate, prioritize and mitigate risks through proactive threat modeling, security assessments, security testing, and automation
  • Perform security code reviews
  • Lead penetration testing on web, mobile, and embedded applications, then guide remediation efforts
  • Develop and maintain automated security tests within CI/CD pipelines to catch vulnerabilities early
  • Partner with engineers to integrate security throughout the software development lifecycle—not as an afterthought, but as a core design principle. Provide security guidance, develop secure solutions, and facilitate secure releases
  • Help define and enforce security policies and provide security guidance to development teams
  • Help shape Mozilla's security culture through collaboration, guidance, and education
What we offer
What we offer
  • Generous performance-based bonus plans to all eligible employees - we share in our success as one team
  • Rich medical, dental, and vision coverage
  • Generous retirement contributions with 100% immediate vesting (regardless of whether you contribute)
  • Quarterly all-company wellness days where everyone takes a pause together
  • Country specific holidays plus a day off for your birthday
  • One-time home office stipend
  • Annual professional development budget
  • Quarterly well-being stipend
  • Considerable paid parental leave
  • Employee referral bonus program
Read More
Arrow Right

Staff Product Security Engineer

We’re seeking a Staff Product Security Engineer with deep AI/ML security experti...
Location
Location
United States , San Francisco
Salary
Salary:
250000.00 - 285000.00 USD / Year
crusoe.ai Logo
Crusoe
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 8-10 years of deep hands-on experience in offensive security, including manual penetration testing, red team operations, and adversary simulation
  • Familiarity with modern C2 frameworks (e.g., Cobalt Strike, Sliver, Havoc), exploit development, and security research
  • Strong expertise across the AI/ML stack, including MLOps, inference architectures, vector databases, RAG, and agentic frameworks (e.g., ReAct, Reflexion)
  • Experience building, deploying, and securing LLM pipelines and AI workflows in Kubernetes and/or bare-metal environments
  • Strong software engineering foundations with experience shipping production code in Go, Python, or Rust
  • Hands-on experience securing Kubernetes, containers, VMs, and CI/CD environments
  • Deep understanding of application security vulnerabilities, secure coding practices, and distributed system design
  • Demonstrated ability to lead complex, cross-functional security initiatives end-to-end
  • Strong communication skills with the ability to influence both engineering teams and executive stakeholders
Job Responsibility
Job Responsibility
  • Performing advanced manual penetration testing across complex applications, infrastructure, Kubernetes environments, and distributed microservice ecosystems
  • Leading offensive security initiatives including red team operations, adversary simulation, and security research
  • Securing AI/ML systems end-to-end, including LLM pipelines, vector databases, RAG architectures, and agentic workflows
  • Identifying and researching novel attack surfaces unique to LLMs and autonomous systems, contributing to internal and external AI security research
  • Influencing secure system design across the SDLC, embedding security into CI/CD pipelines, container images, and deployment workflows
  • Integrating and operationalizing security tooling (SAST, DAST, SCA, container scanning) and driving remediation of complex application-layer vulnerabilities
  • Building internal security guardrails such as hardened base images, reusable libraries, and policy-as-code frameworks
  • Developing production-grade security tooling and leading cross-functional security programs from design through deployment
What we offer
What we offer
  • Bonus
  • Restricted Stock Units are included in all offers
  • Fulltime
Read More
Arrow Right

Staff Product Security Engineer

At Bumble, we’re building secure, AI-powered systems that make trust and safety ...
Location
Location
United States , Austin
Salary
Salary:
255000.00 - 285000.00 USD / Year
bumble.com Logo
Bumble Inc.
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 10+ years of experience in Application or Product Security
  • Proven expertise in secure software development, threat modeling, and SDLC integration
  • Hands-on experience building or integrating developer-facing security tools
  • Strong understanding of cloud and container security (AWS, GCP, Kubernetes)
  • Demonstrated ability to influence engineering practices and drive security adoption
  • Excellent communication skills and cross-functional leadership
Job Responsibility
Job Responsibility
  • Research, design, and deliver scalable security tools, frameworks, and automation that streamline secure development
  • Build developer-centric security experiences and self-service capabilities within engineering workflows
  • Leverage AI and Model Context Protocol (MCP) to create intelligent, context-aware security guidance and automation
  • Collaborate with Product and Engineering to embed security into design reviews, sprints, and roadmaps
  • Provide expertise across cloud-native, containerized, and service-oriented architectures (AWS, GCP, Kubernetes)
  • Partner with leaders across Engineering and Product to align security with developer velocity and experience
What we offer
What we offer
  • Maven Fertility - $10,000 lifetime benefit opportunity for reproductive journey support
  • Family & compassionate paid leave
  • 26 weeks parental leave for primary caregiver
  • 26 weeks paid leave for secondary caregiver after 1 year of employment
  • Unlimited paid time off
  • Company-wide week off
  • Focus Fridays - no meetings, deadlines, emails, or Slack on Fridays
  • Fulltime
Read More
Arrow Right

Staff Product Security Engineer - Customer Platform

We are seeking a seasoned and highly skilled Staff Product Security Engineer - C...
Location
Location
United States
Salary
Salary:
190000.00 - 260000.00 USD / Year
valon.ai Logo
Valon Tech
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 8+ years in progressive senior security engineering or architect level roles
  • 3+ years leading security design for enterprise-grade cloud and SaaS platforms
  • Bachelor's degree in Information Security, Computer Science, Technology or related field
  • Relevant security certifications (e.g., CISSP, CISM, CCSK, CCSP or similar)
  • Proven ability to design security reference architectures and implement customer platform security controls and technologies (IAM, API security, encryption/key management, logging/monitoring and others)
  • Hands-on experience with modern security technologies and tooling across cloud and application security
Job Responsibility
Job Responsibility
  • Define and evolve product security architecture and strategy for Valon’s multi-tenant SaaS platform
  • Architect and guide secure implementation of customer-facing security capabilities in conjunction with Engineering (e.g., authentication / authorization models, identity integration, access controls, audit and logging, encryption / key management)
  • Build and maintain security reference architectures and standardized secure design patterns for product teams
  • Lead threat modeling, security design and code reviews for new features, services, and major architectural changes
  • Collaborate with Product, Engineering, Data, Compliance, Legal, and other teams to identify and drive mitigation for product and data security risks
  • Support vulnerability triage, remediation strategy, and root cause analysis for product security issues
  • Support security compliance and regulatory needs (e.g., SOC 2, CCPA, NYDFS, FTC), including customer-facing security discussions and due diligence
  • Develop, implement, and enforce security policies, standards, and procedures
  • Support operational activities including security advisory and consultative reviews, incident response, issue remediation, and other security processes
What we offer
What we offer
  • Competitive salary with a meaningful stake in the company via equity
  • 401k plan
  • Comprehensive medical, dental, & vision benefits
  • Pre-tax deductions for public transportation, rideshare services, and parking expenses
  • Company wide orientation
  • Learning & development opportunities including regular review cycles that feature 360 degree feedback
  • Quarterly budgets for team and company outings
  • Flexible paid time off
  • Sick days
  • 11 company holidays
  • Fulltime
Read More
Arrow Right

Staff Product Security Engineer

As a Staff Product Security Engineer, you will play a crucial role in safeguardi...
Location
Location
France , Paris
Salary
Salary:
Not provided
dashlane.com Logo
Dashlane
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Strong understanding of application security best practices, including experience with threat modeling and risk assessments
  • Demonstrated experience building or improving an SDLC program
  • Familiarity with CI/CD pipelines and their security implications
  • Familiarity with cloud infrastructure (e.g., AWS, Azure, Kubernetes), and Infrastructure-as-Code (e.g., Terraform)
  • Interest in enabling secure use of AI tools to drive efficiency, creativity, and impact internally
  • Communication & Collaboration: You engage and listen empathetically to others, adjusting your communication style to fit the audience and message. You are experienced in communicating with technical and non-technical audiences
  • Mentoring: You enjoy using your knowledge and experience to support and uplevel those around you
  • Motivated Learner: You learn new technologies and processes quickly, and understand where to look for knowledge when you need it
  • Adaptability: You are a jack or jane of all trades - you’re comfortable digging into non-technical parts of the business to provide security support and guidance
Job Responsibility
Job Responsibility
  • Drive the continuous improvement of Dashlane’s security program across the product and company
  • Conduct architecture design reviews, threat modeling, and technical security assessments of Dashlane’s product (application and infrastructure) to identify security risks and provide mitigation guidance
  • Ensure security best practices are integrated throughout the software development lifecycle (SDLC)
  • Build upon and scale Vulnerability Management to ensure the team can track, analyze, and manage vulnerabilities and their remediation
  • Perform risk assessments of Dashlane’s internal systems, environments, assets, and data, and implement security best practices accordingly
  • Evaluate and implement security tooling and/or build customized tooling in-house where necessary
  • Participate in Compliance and Incident Response
  • Innovate and propose new forward-looking security features that protect Dashlane and our users
What we offer
What we offer
  • Equal Parental leave - regardless of gender, up to 20 weeks fully paid leave to take care of their new baby, within the first year of birth or adoption
  • Health insurance covered by Dashlane
  • Mentorship program - select your mentor from our internal pool and continue your learning path!
  • Commute allowance
  • Meal Vouchers (Swile)
  • Mental health services through Spring Health for you and family members
  • 4 extra days off (one per quarter) to acknowledge the importance of your wellbeing
  • Spot in daycare
  • Time off saving account
  • Donation matching program - give back to the community and support actions that lead to positive social impact under the historically marginalized communities. Every donation will be matched by Dashlane
  • Fulltime
Read More
Arrow Right

Staff Product Security Engineer

We’re looking for a Staff Product Security Engineer to lead the design and imple...
Location
Location
United States
Salary
Salary:
184000.00 - 252000.00 USD / Year
alpha-sense.com Logo
AlphaSense
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 7+ years of experience in product, application, or cloud security engineering
  • Deep understanding of secure SDLC, threat modeling, and secure architecture design
  • Proven expertise with AWS cloud security concepts and best practices
  • Strong experience with container security, orchestration, and runtime protection
  • Proficiency in Python, Java, and/or JavaScript for security automation, code review, and tooling
  • Experience securing AI/ML pipelines, data workflows, or model-serving infrastructure
  • Familiarity with DevSecOps and continuous integration/deployment environments
Job Responsibility
Job Responsibility
  • Embed robust security practices throughout the software and AI development lifecycle (SDLC)
  • Lead secure design reviews, threat modeling, and risk assessments for AI-driven products, APIs, and backend services
  • Partner with engineering and product teams to ensure security, privacy, and compliance by design
  • Build and maintain security automation and governance frameworks that integrate seamlessly into development workflows
  • Architect and enforce security controls for AI/ML systems, including model training, data pipelines, and inference environments
  • Identify and mitigate AI-specific attack vectors such as data poisoning, model inversion, prompt injection, and model theft
  • Collaborate with governance and compliance teams to align with ethical AI principles and frameworks like NIST AI RMF and the EU AI Act
  • Implement model provenance, integrity, and auditability controls to ensure responsible and secure AI operations
  • Partner with DevOps and SRE teams to secure service meshes, container networking, and secrets management
  • Drive software supply chain security, including artifact integrity, dependency management, and vulnerability reduction
What we offer
What we offer
  • Competitive compensation, benefits, and career growth opportunities
  • Opportunity to shape and drive product security strategy
  • Collaborative and security-minded engineering culture
  • Work on cutting-edge security challenges in a fast-growing company
  • Performance-based bonus, equity, and a generous benefits program
  • Fulltime
Read More
Arrow Right