# Staff Software Engineer, Product Security

**Company:** [Harvey](https://hotfix.jobs/companies/harvey)
**Location:** San Francisco, CA, New York, NY
**Role:** Security Engineering
**Salary:** $220k – $330k/yr
**Experience:** 8+ years
**Skills:** Product Security, Application Security, Offensive Security, Authentication, Access Control, Cloud Security, AWS, Azure, GCP, Ai/Ml Security, Llm Security, Penetration Testing, Vulnerability Remediation, Secure Coding, Incident Response
**Posted:** 2026-05-01

> Staff Software Engineer builds security into AI platform, owns product security roadmap, reviews critical code like authentication/access control, leads cross-functional initiatives, and mentors engineers on secure practices. Requires 8+ years in product/application/offensive security with proven vulnerability remediation track record.

## Job Description

## What You'll Do
- Define and own the product security roadmap, prioritizing initiatives based on risk, business impact, and engineering org maturity.
- Establish and evolve security posture across the engineering organization, setting standards that scale with the company.
- Partner with Product Engineering, Infrastructure, and Platform teams to incorporate secure design principles at every stage of development.
- Own and review security-critical code across key parts of the product, including authentication and access control.
- Architect secure-by-default libraries and tools that make the secure path the easiest choice for developers.
- Drive mitigation strategies during security-related incident responses, coordinating cross-functional efforts.
- Mentor engineers and raise the security bar across teams through code reviews, design reviews, and technical guidance.

## What You Have
- 8+ years of experience in product security, application security, offensive security, and/or security-focused software engineering.
- Long track record of identifying and remediating software vulnerabilities, demonstrated through CVEs, bug bounty awards, published research, or prior work experience.
- Track record of leading complex cross-functional security initiatives and delivering measurable improvements, with demonstrated ability to influence engineering teams without direct authority.
- Experience mentoring senior engineers and developing security talent within an engineering organization.
- Strong programming skills with demonstrated experience writing high-quality, production software.
- Excellent communication and collaboration skills, particularly when translating security risks into business terms for non-security stakeholders.

## Nice to Have
- Experience building security programs or practices at hyper-growth startups.
- Background with cloud environments (**Azure**, **GCP**, **AWS**) and cloud-native security patterns.
- Experience with **AI/ML** systems and emerging security considerations for **LLM**-based applications.

## Compensation
$220,000 - $330,000

## Similar roles

- [Member of Technical Staff](https://hotfix.jobs/jobs/90540b93-493d-4719-a10e-4610188cee33) - Perplexity - San Francisco, CA - $220k – $405k/yr
- [Staff Engineer, Security](https://hotfix.jobs/jobs/bdcffade-71be-4598-9dca-b39842591fad) - Grow Therapy - Remote - $220k – $240k/yr
- [Staff Software Engineer - Security](https://hotfix.jobs/jobs/05cd80fe-f3ef-490d-b688-a08c67732181) - Skydio - San Mateo, CA - $220k – $270k/yr
- [Senior Staff Software Engineer - IAM](https://hotfix.jobs/jobs/3cfeba29-2514-48ff-81cc-865b8d4dba96) - Databricks - Seattle, WA - $220k – $297k/yr
- [Staff Software Engineer - Security Infrastructure](https://hotfix.jobs/jobs/28273b51-82c1-4414-aac0-445f7ffc29a9) - Databricks - Bellevue, WA - $221k – $241k/yr

**Apply:** https://hotfix.jobs/jobs/52786e42-1bc1-4db2-91eb-ce2814ea3fc1
**Canonical:** https://hotfix.jobs/jobs/52786e42-1bc1-4db2-91eb-ce2814ea3fc1