Skip to content
Applied IntuitionApplied IntuitionSunnyvale, CA

Product Security Engineer

Embeds security into product design and development lifecycle by analyzing architectures, conducting threat modeling and assessments, maturing vulnerability management, and guiding developers on secure practices. Requires 5+ years in product/application security with expertise in cloud, containers, and automation tools.

125k – 160k
On-site5+ YOESecurity Engineering

About the role

Responsibilities

  • Analyze applications and system architectures from inception to release, identify vulnerabilities, integrate security controls, conduct architecture reviews and threat modeling.
  • Conduct regular security assessments and utilize AI-assisted testing on products and systems to identify and mitigate vulnerabilities.
  • Assist in maturing vulnerability management program and drive risk-contextualized resolutions, collaborating with development teams.
  • Provide continuous guidance and education to developers on secure coding practices, emerging threats, and security best practices.
  • Collaborate with incident response teams on security incidents impacting product operations and create remediation suggestions.
  • Work with software engineers to mature automated SAST and DAST tooling to secure development frameworks and CI/CD pipelines.

Requirements

  • 5+ years of experience as a Security Engineer, Application Security Engineer, or Product Security Engineer in a highly complex, rapidly scaling software organization.
  • Proficiency in modern programming languages (Python, TypeScript, etc.), security tools (Burp Suite, OWASP ZAP), modern security protocols and encryption methods.
  • Implemented AI to identify, validate, and scale security programs.
  • Deep knowledge of container security (Kubernetes), compute constraints, securing ephemeral workloads across AWS, GCP, Azure, and on-premises environments.
  • Hands-on experience deploying, tuning, and automating SAST, DAST, and CI/CD pipeline security tools.
  • Experience configuring and driving remediation through cloud security platforms.
  • Proven experience securing large-scale platform migrations and managing security lifecycles of legacy systems and modern microservices.

Nice to Haves

  • Experience in autonomous vehicle, automotive, aerospace, or defense sectors.
  • Familiarity with physics-based simulation environments, deterministic computing constraints, or HPC clusters.
  • Contributions to open-source security tools, published vulnerability research, or CVEs.

Compensation

  • Base salary: $125,000 - $160,000 USD annually.
  • Includes equity, comprehensive health/dental/vision/life/disability insurance, 401k with employer match, learning/wellness stipends, paid time off.

Skills

PythonTypeScriptKubernetesAWSGCPAzureBurp SuiteOwasp ZapSASTDASTCI/CDSast ToolingDast Tooling
Applied Intuition

Cloud Security Engineer

Applied IntuitionSunnyvale, CA

Secures multi-cloud infrastructure (AWS, Azure, GCP, OCI) with emphasis on Kubernetes hardening, IAM enforcement, CSPM using Wiz, and IaC security. Requires 5+ years experience, deep AWS and Kubernetes security expertise.

125k – 160k
On-site5+ YOESecurity Engineering
Trail of Bits

Security Engineer, Research & Engineering

Trail of BitsUnited States

Designs and builds security tools and frameworks in Rust, C++, Python for AI/ML, compilers, and low-level systems. Contributes to open-source, performs code reviews, and communicates findings via blogs and presentations.

125k – 185k
RemoteSecurity Engineering
Socket

Threat Analyst

SocketUnited States

Analyzes software supply chain threats using AI scanners, conducts malware analysis and threat hunting, builds automation tools, and integrates research into products to protect open source ecosystems. Requires 3+ years in security operations and master's degree.

126k – 170k
Remote3+ YOESecurity Engineering
Pinterest

Security Software Engineer II, Detection and Response

PinterestSan Francisco, CA

Build and improve detection alerts, automation, logging pipelines, and internal tooling to identify and respond to security threats at Pinterest. Requires strong incident response, SIEM, threat hunting, and scripting skills in cloud environments, plus demonstrated responsible use of AI.

124k – 255k
Remote5+ YOESecurity Engineering
Mintlify

Security & Compliance Operations Manager

MintlifySan Francisco, CA

Own and run Mintlify's end-to-end security and compliance programs (SOC 2, ISO 27001/42001, GDPR, Microsoft SSPA) as the first dedicated GRC Program Manager. Administer Drata, manage audits/vendors/evidence, handle customer-facing compliance, and coordinate with engineering.

120k – 180k
On-site3+ YOESecurity Engineering