Product Security Engineer (Cybersecurity)

TL;DR

Product Security Engineer (Cybersecurity): Driving the full vulnerability lifecycle and building autonomous security systems for an identity verification platform with an accent on scaling security across teams and products. Focus on designing AI-powered security tooling, managing bug bounty programs, and integrating security into the SDLC.

Location: Hybrid, Based in San Francisco, CA. Relocation assistance available.

Salary: $150k – $220k

Company

Configurable identity platform built for businesses in a digital-first world, serving clients like Reddit and OpenAI.

What you will do

• Drive the full vulnerability lifecycle and manage responses to external threats.
• Design and build autonomous systems and AI tooling to scale security across every team and product.
• Partner with product engineers to ensure new features and systems are built securely.
• Manage the bug bounty program and shape the company's presence in the security research community.

Requirements

• 4+ years of software engineering experience.
• 2+ years of experience in product security.
• Ability to translate security risk into product decisions with non-technical stakeholders.
• Experience embedding security into an engineering team's SDLC.
• Must be based in or able to relocate to San Francisco, CA.

Nice to have

• Familiarity with SAST/DAST tooling, dependency scanning, or bug bounty programs.
• Compliance experience (SOC 2, HIPAA) in a cloud-native environment.
• Experience building systems with high data sensitivity (HIPAA, financial, identity).

Culture & Benefits

• Small, senior-led team with high ownership and direct mentorship.
• Comprehensive medical, dental, and vision insurance.
• 3% 401(k) contribution and competitive equity packages.
• Unlimited PTO and quarterly mental health days.
• Professional development stipend and wellness benefits.