# Security Engineer, Product Security
**Company:** [Scale AI](https://hotfix.jobs/companies/scale-ai)
**Location:** New York, NY, San Francisco, CA, Washington, DC
**Salary:** $206K-$297K
**Skills:** TypeScript, Python, AWS, CI/CD, SAST, DAST, Terraform, Kubernetes, Node.js, JavaScript
**Posted:** 2026-04-10
> Security Engineer conducts code reviews, implements secure CI/CD pipelines, performs SAST/DAST testing, and secures AWS infrastructure using Terraform. Requires expertise in TypeScript, Python, NodeJS, and product security best practices to mitigate vulnerabilities in AI/ML products.
## Job Description
## Responsibilities

- Leverage broad product security expertise to build and maintain software tooling that secures every layer of the modern AI/ML software ecosystem.
- Conduct in-depth code reviews to identify and remediate security vulnerabilities.
- Evaluate and enhance the security of product offerings through RFC and service review.
- Implement and maintain **CI/CD** pipelines with a strong focus on security.
- Perform **SAST** and **DAST** to identify vulnerabilities in production code.
- Utilize **Terraform** orchestration to ensure secure and efficient infrastructure management.
- Guide engineering teams to build robust long-term solutions that consider security and privacy.
- Clearly explain the mechanics and significance of security vulnerabilities, including their exploitability and potential impact.
- Influence the security strategy and direction of the team, advocating for best practices and continuous improvement.

## Requirements

- Proven experience as a Security Engineer with a focus on product security.
- Proficiency in **NodeJS**, **TypeScript**, **Python**, and/or **Kubernetes**.
- Strong understanding of modern Javascript application design.
- Production experience operating and securing **AWS** infrastructure at scale.
- Hands-on experience with **SAST** and **DAST** tools and methodologies.
- Familiarity with **Terraform** orchestration for infrastructure management.
- Ability to structure complex problems and diagnose root causes independently.
- Excellent communication skills to present technical concepts to technical and non-technical stakeholders.
- Demonstrated ability to influence security strategies and drive improvements.

## Nice-to-Haves

- Demonstrated ability to drive multi-month security initiatives independently.
- Relevant security certifications (e.g., **CISSP**, **CEH**, **OSCP**).
**Apply:** https://hotfix.jobs/jobs/security-engineer-product-security-at-scale-ai-59b67706-eda1-4a93-9939-df73064e68e5
**Canonical:** https://hotfix.jobs/jobs/security-engineer-product-security-at-scale-ai-59b67706-eda1-4a93-9939-df73064e68e5