Skip to content
LaunchdarklyLaunchdarklyCalifornia

Product Security Engineer

Product Security Engineer II responsible for leading threat modeling, triaging CNAPP findings, contributing to SDLC tooling, and partnering with engineering teams to embed security practices. Requires 2-4 years in security roles with strong cloud security and AI tooling experience.

116k – 187k
Remote2+ YOESecurity Engineering

About the role

Responsibilities

  • Lead threat modeling engagements on the features and services where the risk warrants it.
  • Partner with the ProdSec lead to evolve the practice from on-request to repeatable, with clear criteria for when an engagement is worth running.
  • Own day-to-day triage of CNAPP findings end to end. Investigate, prioritize, route to service owners, and close the loop. Look for patterns that point to systemic fixes instead of one-off cleanup.
  • Contribute to SDLC tooling, SAST/SCA workflows, and bug bounty triage as the team's work demands.
  • Partner with product engineering teams as a trusted reviewer. Catch issues early, explain the why, propose paths forward. Say no when needed, with reasons and alternatives.
  • Bring AI to the work. Use it to accelerate triage, summarize findings, draft threat models, scan code, and reduce toil. Help the team build durable patterns for safe and effective use, not one-off prompts.
  • Push the security floor up over time through documentation, office hours, small tooling improvements, and the kind of compounding work that prevents incidents rather than responds to them.

Requirements

  • 2 to 4 years of full-time experience in a security-focused role. AppSec, ProdSec, or cloud security preferred.
  • Comfortable reading and critiquing pull requests in a modern stack. You don't need to ship production services, but you should follow the code, ask sharp questions, and write small tools when it helps.
  • Experience participating in or leading threat modeling exercises. Familiar with at least one structured approach (STRIDE, attack trees, or equivalent).
  • Working knowledge of cloud security posture. Exposure to a CNAPP is a strong plus.
  • Strong fundamentals: OWASP Top 10, authentication and authorization patterns, secrets management, common cloud misconfigurations.
  • Hands-on experience applying AI tooling to security or engineering work. You can point to specific examples where it changed how you operated.

Nice to Haves

  • Experience with developer tools, SaaS platforms, or feature management
  • Bug bounty triage experience (HackerOne, Bugcrowd)
  • Familiarity with Go, Python, or TypeScript
  • Contributions to internal security tooling or open-source security projects

Compensation

  • Target pay ranges based on Geographic Zones for Level 2:
    • Zone 1: San Francisco/Bay Area or NYC Metropolitan Area, Boston, Seattle - $136,000 - $187,000
    • Zone 2: Irvine, LA, Monterey, Santa Barbara, Santa Rosa, Austin, Portland, Philadelphia, Chicago - $122,000 - $168,000
    • Zone 3: All other US locations - $116,000 - $159,000
  • RSUs, health, vision, and dental insurance, and mental health benefits in addition to salary.

Skills

Threat ModelingStrideAttack TreesCnappSASTScaOwasp Top 10AuthenticationAuthorizationSecrets ManagementCloud SecurityAI Tools
Garner Health

Security Analyst II

Garner HealthUnited States

Security Analyst managing SecOps/SOC, threat monitoring, incident response, and log analysis using Wiz, Datadog, SQL across Kubernetes/AWS. Builds automated security controls with Python/Go/TypeScript and leverages LLMs for analytics; requires 2+ years SOC experience.

117k – 130k
Remote2+ YOESecurity Engineering
DAT Freight & Analytics

Security Engineer

DAT Freight & AnalyticsDenver, CO

Security Engineer responsible for implementing security controls, building automation workflows, and embedding security into SDLC and cloud infrastructure. Requires 2-4 years of cybersecurity or cloud security experience.

114k – 149k
Hybrid2+ YOESecurity Engineering
Idme

Threat Detection Engineer

IdmeMountain View, CA

Develop and optimize high-fidelity threat detections across SIEM/SOAR platforms using Python, SQL, and AI/ML techniques. Focus on LLM-assisted workflows, AI-specific threat detection, and infrastructure-as-code for scalable security operations.

113k – 140k
On-site2+ YOESecurity Engineering
Aptos

Security Analyst

AptosUnited States

The Security Analyst will operate and scale security across the organization, supporting core security workflows such as phishing response, bug bounty operations, access governance, and operational security hygiene. This is a hands-on, cross-functional role offering broad exposure across security operations, access governance, and threat response.

120k – 180k
Remote2+ YOESecurity Engineering
Upstart

SecOps Engineer

UpstartUnited States

SecOps Engineer building automated response mechanisms, triaging alerts, hunting threats, and supporting incident response with AI and SOAR tools. Requires strong logging skills, Python, and Git experience in a security-focused environment.

112k – 155k
RemoteEntry levelSecurity Engineering