# Senior Product Security Engineer - Customer Platform

**Company:** [Valon](https://hotfix.jobs/companies/valon)
**Location:** Remote
**Role:** Security Engineering
**Salary:** $180k – $230k/yr
**Experience:** 5+ years
**Skills:** GCP, IAM, RBAC, SSO, SAML, OIDC, SCIM, MFA, APIs, Kms, Owasp, Nist, Cis, SOC 2, Python
**Posted:** 2026-05-14

> Designs and evolves product security architecture for multi-tenant SaaS platform, leads threat modeling and security reviews, implements customer-facing security controls like IAM and encryption. Requires 5+ years in product/cloud security, GCP experience, and bachelor's degree.

## Job Description

## Responsibilities
- Define and evolve product security architecture for Valon’s multi-tenant SaaS platform
- Support secure implementation of customer-facing security capabilities in conjunction with Engineering (e.g., authentication / authorization models, identity integration, access controls, audit and logging, encryption / key management)
- Build and maintain security reference architectures and standardized secure design patterns for product teams
- Lead threat modeling, security design and code reviews for new features, services, and major architectural changes
- Design and build AI-assisted workflows that automate and accelerate product security areas
- Evaluate AI risks across internal and external applications
- Collaborate with Product, Engineering, Data, Compliance, Legal, and other teams to identify and drive mitigation for product and data security risks
- Support vulnerability triage, remediation strategy, and root cause analysis for product security issues
- Support security compliance and regulatory needs (e.g., SOC 2, CCPA, NYDFS, FTC), including customer-facing security discussions and due diligence
- Develop, implement, and enforce security policies, standards, and procedures
- Support operational activities including security advisory and consultative reviews, incident response, issue remediation, and other security processes

## Ideal Background
- Focused experience in product security, application security, or security architecture roles, with ownership of security design for SaaS platforms including multi-tenancy and customer-facing security capabilities
- Strong background in cloud security and modern infrastructure, with hands-on experience securing cloud environments (**GCP** preferred)
- Experience in SaaS IAM and tenant security (e.g., authentication/authorization, **RBAC**, **SSO/SAML/OIDC**, **SCIM**, **MFA**, audit logs)
- Expertise in designing secure platform controls (e.g., **APIs**, service-to-service auth, **encryption/KMS/CMEK**, logging/monitoring)
- Demonstrated ability to build and maintain security reference architectures
- Strong experience leading threat modeling and security design reviews including security-focused code reviews
- Applied knowledge with industry security and compliance frameworks (**OWASP**, **NIST**, **CIS**, **SOC 2/ISO 27001** concepts)
- Highly hands-on engineer with proven ability to operate autonomously, drive multiple complex cross-functional efforts, and influence independently
- Excellent communication and collaboration skills, including the ability to explain complex security concepts to both technical and non-technical stakeholders
- Prior software engineering experience and/or coding ability (**Python**) is preferred

## Minimum Qualifications
- 5+ years in security engineering roles focused on product, application, and/or cloud security
- Bachelor's degree in Information Security, Computer Science, Technology or related field
- Relevant security certifications (e.g., **CISSP**, **CISM**, **CCSK**, **CCSP** or similar)
- Proven ability to design security reference architectures and implement customer platform security controls and technologies (**IAM**, **API security**, encryption/key management, logging/monitoring and others)
- Hands-on experience with modern security technologies and tooling across cloud and application security

## Compensation
- Base Compensation Band: $180K - $230K

## Similar roles

- [Senior GRC Engineer](https://hotfix.jobs/jobs/bfcb5755-185d-4c09-bda1-9f49a4ecb6c8) - Postman - San Francisco, CA - $180k – $200k/yr
- [Senior Application Security Engineer](https://hotfix.jobs/jobs/79016b33-ba89-41bf-b2dc-def7958e241d) - Monarch - Remote - $180k – $215k/yr
- [Senior Security Engineer, GRC](https://hotfix.jobs/jobs/8a3040c3-16a4-42c0-8c91-cbee4a8039b3) - Temporal - Remote - $180k – $225k/yr
- [Senior Security Engineer](https://hotfix.jobs/jobs/48ed30bc-1b7a-42a6-9225-139997bf3b3b) - Kaizen Labs - New York, NY - $180k – $220k/yr
- [Manager, Network Security](https://hotfix.jobs/jobs/675ca948-bd5b-42a9-a275-8767a272094e) - Lumin Digital - Remote - $180k – $200k/yr

**Apply:** https://hotfix.jobs/jobs/cc795f67-baab-4853-8fef-384d076dc632
**Canonical:** https://hotfix.jobs/jobs/cc795f67-baab-4853-8fef-384d076dc632