Product Security Engineer (Cybersecurity)

TL;DR

Product Security Engineer (Cybersecurity): Embedding robust security practices into the software development lifecycle across multiple product teams with an accent on application security governance, SAST/DAST optimization, and threat modeling. Focus on building secure-by-default standards, automating vulnerability detection, and guiding engineering teams in cloud-native AWS environments.

Location: Flexible-hybrid model; must be able to travel to and from the office safely for weekly visits.

Salary: £60,000–£75,000

Company

A software company providing solutions for database management across the DevOps lifecycle to help professionals manage and protect business-critical data.

What you will do

• Partner with product teams to define and operationalize security requirements across the SDLC.
• Audit application code for weaknesses and vulnerabilities while owning application security governance.
• Drive SAST/DAST adoption through tool tuning, severity calibration, and scalable remediation workflows.
• Support threat modeling sessions for new features and high-risk services to turn findings into actionable work.
• Provide product security guidance for cloud-native environments using AWS and containerized workloads.
• Contribute secure shared libraries and perform targeted security testing to validate controls.

Requirements

• Hands-on experience in product or application security within a modern SDLC.
• Strong knowledge of OWASP Top 10 and practical mitigation patterns.
• Experience implementing or improving SAST/DAST processes and workflows.
• Understanding of cloud and container security fundamentals (AWS, Docker).
• Proficiency in the C#/.NET ecosystem, with ability to review code and communicate security issues effectively.
• Must be able to attend the office on a weekly basis.

Nice to have

• Familiarity with OWASP ASVS.
• Experience with Java, TypeScript, or Python.
• Knowledge of AI security implementation including LLMs and SLMs.

Culture & Benefits

• Flexible-hybrid working model with a blend of remote and office-based work.
• Competitive salary and comprehensive health coverage.
• Monthly wellbeing allowance and employee assistance program.
• Generous paid time off and flexible working arrangements.
• Focus on diversity, equity, inclusion, and belonging with active internal forums.

Hiring process

• Initial conversation to discuss the role and company culture.
• Skills alignment interview involving technical assessments or competency-based discussions.
• Values alignment interview to ensure a good fit.