Skip to content
CapeCapeUnited States

Security Engineer, Product Security

Security Engineer specializing in product security designs and implements AWS security controls, performs vulnerability assessments, integrates security into DevOps, and mentors engineers to protect cloud, mobile core, and app infrastructure. Requires 5+ years experience with 3+ in AWS.

Salary not listed
Remote5+ YOESecurity Engineering

About the role

Responsibilities

  • Design, implement, and manage robust security controls and policies within AWS, focusing on the confidentiality, integrity, and availability of data and services.
  • Perform comprehensive security assessments of cloud environments to identify vulnerabilities, assess risks, and recommend actionable mitigation strategies.
  • Lead the integration of security practices into the DevOps lifecycle, promoting secure development, deployment, and operational processes.
  • Utilize and optimize AWS security tools (Amazon GuardDuty, Amazon Inspector, AWS IAM, AWS KMS, AWS WAF, AWS Shield) and explore third-party solutions.
  • Assist in running penetration tests and security audits, ensuring prompt remediation.
  • Stay informed about latest security threats, vulnerabilities, and compliance mandates; provide strategic guidance.
  • Provide expert mentorship to junior security team members and engineers.
  • Collaborate with stakeholders to integrate security requirements into engineering projects.

Preferred Experience

  • Bachelor's degree in Computer Science, Information Security, or related field (or equivalent); advanced degrees or certifications (CISSP, AWS Certified Security Specialty) advantageous.
  • Minimum 5 years in information security, with 3+ years in AWS cloud security.
  • Deep understanding of AWS architecture, security services, and best practices.
  • Proficiency in IaC tools (Terraform, AWS CloudFormation) and automating security tasks.
  • Skilled in scripting (Python, TypeScript, Go).
  • Familiarity with containerization, microservices, network security, encryption, secure coding.

Competencies

  • Security expertise: finding/resolving vulnerabilities, bug bounties, secure by design.
  • Strong analytical, collaboration, communication, decision-making, dependability, customer-centric, flexibility, planning skills.

Compensation & Benefits

  • Competitive geo-adjusted compensation with equity.
  • 401(k) match.
  • 100% coverage of medical, dental, vision premiums for you and dependents.
  • 12 weeks paid parental leave.
  • Stipends for family-forming, gender-affirming care.
  • Unlimited PTO.

Skills

AWSAmazon GuarddutyAmazon InspectorAws IamAws KmsAws WafAws ShieldTerraformAws CloudformationPythonTypeScriptGoIacKubernetesDevOps
Forus

Security Program Manager

ForusNew York, NY

Own end-to-end compliance programs (SOC 2, HIPAA, HITRUST), build customer trust function, implement automation, and partner with engineering on controls for a healthcare AI platform handling protected health information.

Salary not listed
On-site4+ YOESecurity Engineering
Anthropic

Safeguards Enforcement Analyst, Account Takeover & Credential Abuse

AnthropicSan Francisco, CA +2

Safeguards Enforcement Analyst focused on account takeover and credential abuse. Investigate compromise incidents, design remediation workflows, partner with engineering on detection, enforce AI usage policies, and develop scalable enforcement programs for platform safety.

245k – 285k/yr
HybridSecurity Engineering
Zocdoc

Application Security Engineer

ZocdocUnited States

Application Security Engineer partnering with engineering teams to embed security into the SDLC, triage SAST/SCA findings, provide remediation guidance on OWASP issues, maintain security docs/playbooks, support governance/audits, and integrate GenAI tools while building AI governance guardrails.

100k – 140k/yr
RemoteSecurity Engineering
Cloudflare

Detection & Mitigation Engineer

CloudflareUnited States

Security Detections Engineer identifying attacker TTPs, building real-time detections, and mitigating threats/abuse across Cloudflare's global platform using data analysis, SQL, scripting, and threat intelligence. Requires strong analytical and communication skills.

Salary not listed
HybridSecurity Engineering
Mintlify

Security & Compliance Operations Manager

MintlifySan Francisco, CA

Own and run Mintlify's end-to-end security and compliance programs (SOC 2, ISO 27001/42001, GDPR, Microsoft SSPA) as the first dedicated GRC Program Manager. Administer Drata, manage audits/vendors/evidence, handle customer-facing compliance, and coordinate with engineering.

120k – 180k/yr
On-site3+ YOESecurity Engineering