# Product Security Engineer

**Company:** [Launchdarkly](https://hotfix.jobs/companies/launchdarkly)
**Location:** Remote
**Role:** Security Engineering
**Salary:** $116k – $187k/yr
**Experience:** 2+ years
**Skills:** Threat Modeling, Stride, Attack Trees, Cnapp, SAST, Sca, Owasp Top 10, Authentication, Authorization, Secrets Management, Cloud Security, AI Tools
**Posted:** 2026-05-15

> Product Security Engineer II responsible for leading threat modeling, triaging CNAPP findings, contributing to SDLC tooling, and partnering with engineering teams to embed security practices. Requires 2-4 years in security roles with strong cloud security and AI tooling experience.

## Job Description

## Responsibilities
- Lead threat modeling engagements on the features and services where the risk warrants it.
- Partner with the ProdSec lead to evolve the practice from on-request to repeatable, with clear criteria for when an engagement is worth running.
- Own day-to-day triage of CNAPP findings end to end. Investigate, prioritize, route to service owners, and close the loop. Look for patterns that point to systemic fixes instead of one-off cleanup.
- Contribute to SDLC tooling, SAST/SCA workflows, and bug bounty triage as the team's work demands.
- Partner with product engineering teams as a trusted reviewer. Catch issues early, explain the why, propose paths forward. Say no when needed, with reasons and alternatives.
- Bring AI to the work. Use it to accelerate triage, summarize findings, draft threat models, scan code, and reduce toil. Help the team build durable patterns for safe and effective use, not one-off prompts.
- Push the security floor up over time through documentation, office hours, small tooling improvements, and the kind of compounding work that prevents incidents rather than responds to them.

## Requirements
- 2 to 4 years of full-time experience in a security-focused role. AppSec, ProdSec, or cloud security preferred.
- Comfortable reading and critiquing pull requests in a modern stack. You don't need to ship production services, but you should follow the code, ask sharp questions, and write small tools when it helps.
- Experience participating in or leading threat modeling exercises. Familiar with at least one structured approach (STRIDE, attack trees, or equivalent).
- Working knowledge of cloud security posture. Exposure to a CNAPP is a strong plus.
- Strong fundamentals: OWASP Top 10, authentication and authorization patterns, secrets management, common cloud misconfigurations.
- Hands-on experience applying AI tooling to security or engineering work. You can point to specific examples where it changed how you operated.

## Nice to Haves
- Experience with developer tools, SaaS platforms, or feature management
- Bug bounty triage experience (HackerOne, Bugcrowd)
- Familiarity with Go, Python, or TypeScript
- Contributions to internal security tooling or open-source security projects

## Compensation
- Target pay ranges based on Geographic Zones for Level 2:
  - Zone 1: San Francisco/Bay Area or NYC Metropolitan Area, Boston, Seattle - $136,000 - $187,000
  - Zone 2: Irvine, LA, Monterey, Santa Barbara, Santa Rosa, Austin, Portland, Philadelphia, Chicago - $122,000 - $168,000
  - Zone 3: All other US locations - $116,000 - $159,000
- RSUs, health, vision, and dental insurance, and mental health benefits in addition to salary.

## Similar roles

- [Security Analyst II](https://hotfix.jobs/jobs/8092f2d0-845d-49d4-befe-79505a945a42) - Garner Health - Remote - $117k – $130k/yr
- [Security Engineer](https://hotfix.jobs/jobs/5f613312-05a1-4e48-a4d1-30b5c878e42e) - DAT Freight & Analytics - Denver, CO - $114k – $149k/yr
- [Threat Detection Engineer](https://hotfix.jobs/jobs/e83d0bae-9446-4fac-99f9-8a74df79079c) - Idme - Mountain View, CA - $113k – $140k/yr
- [Security Analyst](https://hotfix.jobs/jobs/c3e3b1f4-800c-4d5a-bedc-5b1f483ba224) - Aptos - Remote - $120k – $180k/yr
- [SecOps Engineer](https://hotfix.jobs/jobs/9d224f47-466c-48cd-b229-442b2b6fbb99) - Upstart - Remote - $112k – $155k/yr

**Apply:** https://hotfix.jobs/jobs/baf5fbe7-2c47-42d7-87d6-16076cc2f126
**Canonical:** https://hotfix.jobs/jobs/baf5fbe7-2c47-42d7-87d6-16076cc2f126