Company hidden
2 hours ago

Security Engineer (Product Security)

Work format
hybrid
Employment type
fulltime
Grade
middle
English
b2
Country
UK

Job description

TL;DR

Security Engineer (Product Security): Identifying risks and reducing vulnerabilities across the software development lifecycle, with an emphasis on threat modelling and secure-by-design practices. Focus on performing security reviews, remediating OWASP Top 10 vulnerabilities, and leveraging AI to scale security tooling.

Location: Hybrid (London Office)

Company

AI-powered customer communications platform used by 22,000+ companies worldwide to drive revenue and scale customer-facing teams.

What you will do

  • Partner with engineering teams to review designs and implementation plans to identify and mitigate security risks early.
  • Perform threat modelling for new features and major changes, documenting risks and security controls.
  • Identify and remediate common vulnerability classes (auth/authz, injection, logic flaws) across services and APIs.
  • Triage and support remediation of vulnerabilities identified via SAST/DAST tools, internal testing, or third-party findings.
  • Conduct targeted manual security testing and validation for high-risk areas.
  • Develop reusable guidance, checklists, and automation to improve secure development practices and the SDLC.

Requirements

  • 2–5 years of experience in Product Security, Application Security, or software engineering with a strong security focus.
  • Strong understanding of web application and API security fundamentals and OWASP Top 10.
  • Experience performing security reviews, threat modelling, or secure architecture assessments.
  • Ability to read and review production code in Python, Go, Java, or JavaScript/TypeScript.
  • Familiarity with security testing tools and practices including SAST, DAST, and fuzzing.
  • Must be based in or able to work from the London office on a hybrid basis.

Nice to have

  • Experience with cloud-native architectures (AWS/GCP/Azure), Kubernetes, and secrets management.
  • Experience tuning security tools to reduce noise and improve signal.
  • Familiarity with secure SDLC practices and security champions programs.
  • Exposure to bug bounty programs or working with external vulnerability researchers.

Culture & Benefits

  • Collaborative, fast-moving environment that values ownership and continuous learning.
  • Emphasis on work-life balance and a multicultural mindset with team members from 45+ nationalities.
  • Competitive salary package and benefits.
  • Opportunity to work within a unicorn company scaling rapidly through AI innovation.
