Skip to content
Harvey

Staff Software Engineer, Product Security

Staff Software Engineer on Product Security team owns security roadmap, reviews critical code like authentication/access control, architects secure tools, leads cross-functional initiatives, and mentors engineers to embed security into AI platform development.

220k – 330kNew York, NYSecurity EngineeringHybrid8+ YOE
Apply

About the role

What You'll Do

  • Define and own the product security roadmap, prioritizing initiatives based on risk, business impact, and engineering org maturity.
  • Establish and evolve security posture across the engineering organization, setting standards that scale with the company.
  • Partner with Product Engineering, Infrastructure, and Platform teams to incorporate secure design principles at every stage of development.
  • Own and review security-critical code across key parts of the product, including authentication and access control.
  • Architect secure-by-default libraries and tools that make the secure path the easiest choice for developers.
  • Drive mitigation strategies during security-related incident responses, coordinating cross-functional efforts.
  • Mentor engineers and raise the security bar across teams through code reviews, design reviews, and technical guidance.

What You Have

  • 8+ years of experience in product security, application security, offensive security, and/or security-focused software engineering.
  • Long track record of identifying and remediating software vulnerabilities, demonstrated through CVEs, bug bounty awards, published research, or prior work experience.
  • Track record of leading complex cross-functional security initiatives and delivering measurable improvements, with demonstrated ability to influence engineering teams without direct authority.
  • Experience mentoring senior engineers and developing security talent within an engineering organization.
  • Strong programming skills with demonstrated experience writing high-quality, production software.
  • Excellent communication and collaboration skills, particularly when translating security risks into business terms for non-security stakeholders.

Nice to Have

  • Experience building security programs or practices at hyper-growth startups.
  • Background with cloud environments (Azure, GCP, AWS) and cloud-native security patterns.
  • Experience with AI/ML systems and emerging security considerations for LLM-based applications.

Compensation

$220,000 - $330,000

Skills

Product SecurityApplication SecurityOffensive SecurityVulnerability RemediationAuthenticationAccess ControlCloud SecurityAWSAzureGCPAi/Ml SecurityLlm SecurityIncident ResponseCode ReviewSecure Design

Similar roles

Security Engineering jobs
Perplexity

Member of Technical Staff

Conduct original research on AI system security and privacy, develop defenses and evaluation frameworks, and translate findings into production improvements at Perplexity. Requires PhD or equivalent with publications at top security venues and deep expertise in security domains.

220k – 405kSan Francisco, CASecurity EngineeringOn-site7+ YOEGoRust
Grow Therapy

Staff Engineer, Security

Lead security engineering as the most senior hands-on engineer, shaping multi-year roadmap and building secure-by-default infrastructure including auth, data security, and vulnerability management.

220k – 240kNew York, NY +2Security EngineeringRemote7+ YOEData SecurityAuthorization
Skydio

Staff Software Engineer - Security

As a Staff Software Engineer - Security, you will design, review, and build systems to secure Skydio's cloud and corporate environments. You will partner with cross-functional teams on architectural decisions and build internal security tooling, playing a key role in protecting commercial, government, and DoD customers.

220k – 270kSan Mateo, CASecurity EngineeringHybrid7+ YOEGoAWS
Harvey

Staff Software Engineer, Product Security

Staff Software Engineer builds security into AI platform, owns product security roadmap, reviews critical code like authentication/access control, leads cross-functional initiatives, and mentors engineers on secure practices. Requires 8+ years in product/application/offensive security with proven vulnerability remediation track record.

220k – 330kSan Francisco, CASecurity EngineeringHybrid8+ YOEAWSGCP
Databricks

Senior Staff Software Engineer - IAM

Leads IAM and security engineering to secure Databricks' data platform, plugging infrastructure gaps and building scalable systems. Requires 9+ years in data security, 15+ years in distributed systems, and MS/PhD.

220k – 297kSeattle, WASecurity EngineeringOn-site9+ YOEKubernetesGovernance