The Role
We're seeking a Senior Product Security Engineer who is passionate about building and scaling robust security programs in an AI-forward engineering environment. Reporting to our Head of IT Operations & Information Security, you'll lead efforts to mature our product security initiatives at a pivotal moment of product expansion, ensuring security keeps pace as our developers increasingly leverage AI in their workflows.
A core part of this role is using AI and automation as force multipliers, building security tooling, guardrails, and review processes that scale to match the velocity of AI-assisted development across our engineering org.
This position can be based remotely in the United States.
Key Responsibilities
- Product Security Leadership: Partner with product and engineering teams to integrate security throughout the development lifecycle and drive security initiatives across our stack.
- AI-Augmented Security: Leverage AI and automation to scale product security coverage, matching the pace of AI-assisted development across engineering.
- Security Architecture: Design and implement security controls and architecture that scale with our growing product portfolio.
- Threat Modeling & Risk Assessment: Conduct comprehensive security reviews and threat modeling to identify and mitigate potential vulnerabilities, including risks introduced by AI-generated code and AI-powered features.
- Vulnerability Management: Contribute to our vulnerability management program, including triaging bug bounty and vulnerability disclosure reports and driving remediation efforts.
- Security Automation: Develop and implement automated security testing, monitoring, and response capabilities, using Tines itself, plus AI-driven tooling, to eliminate manual toil.
- Security Incident Response: Serve as an incident responder during security events and lead post-incident reviews.
- Security Education: Champion security awareness and provide technical guidance to engineering teams, including best practices for secure AI-assisted development.
Qualifications
- 8+ years of experience in application or product security roles, with demonstrated expertise in securing cloud-native applications.
- Strong understanding of modern application security principles, OWASP Top 10, and secure SDLC practices.
- Experience leveraging AI and automation to scale security programs (e.g., LLM-assisted code review, automated triage, agentic security workflows).
- Experience with cloud security (AWS preferred) and securing containerized environments (Docker, Kubernetes).
- Proficiency in modern programming languages; experience with Ruby, TypeScript, and/or Rust is highly desirable.
- Knowledge of security testing methodologies and tools (SAST, DAST, SCA).
- Experience with CI/CD security integration and DevSecOps practices.
- Strong incident response skills and experience participating in on-call rotations.
- Excellent communication skills with ability to translate complex security concepts to diverse audiences.
- Self-motivated with exceptional analytical thinking and problem-solving abilities.
Nice to Haves
- Experience securing AI/ML systems and LLM-powered features (prompt injection, model abuse, data leakage, agentic system risks).
- Familiarity with LLM red-teaming, AI threat modeling frameworks (e.g., MITRE ATLAS, OWASP LLM Top 10), and emerging AI security standards.
- Hands-on experience building agentic or automated security workflows (using Tines or similar platforms).
- Contributions to open-source security tooling or active participation in the security research community (CVEs, conference talks, published research).
- Experience designing secure-by-default developer platforms, paved roads, or golden paths for engineering teams.
- Background in bug bounty triage at scale, or running a public VDP/bug bounty program.
- Familiarity with multi-tenant SaaS security challenges (tenant isolation, authz models, data segregation).
- Experience supporting FedRAMP (Moderate/High) and/or DoD Impact Level (IL4/IL5/IL6) environments.
- Prior experience at a high-growth startup launching new products or expanding into new product lines.
Target Annual Compensation
$218-$235k + equity