<p>Location: Remote, USA</p> <p>About the Role</p> <p>We're looking for a Staff Product Security Engineer to lead the design and implementation of secure, scalable, and trustworthy products spanning AI, data, and cloud-native systems.</p> <p>You'll work closely with engineering, data science, and infrastructure teams to embed security by design throughout the product lifecycle. This role sits at the intersection of AI/ML security, secure product development, and container/cloud-native protection, helping define the architecture, automation, and frameworks that enable secure, intelligent products at scale.</p> <p>What You'll Do</p> <ul> <li>Embed robust security practices throughout the software and AI development lifecycle (SDLC). </li><li>Lead secure design reviews, threat modeling, and risk assessments for AI-driven products, APIs, and backend services. </li><li>Partner with engineering and product teams to ensure security, privacy, and compliance by design. </li><li>Build and maintain security automation and governance frameworks that integrate seamlessly into development workflows. </li><li>Architect and enforce security controls for AI/ML systems, including model training, data pipelines, and inference environments. </li><li>Identify and mitigate AI-specific attack vectors such as data poisoning, model inversion, prompt injection, and model theft. </li><li>Collaborate with governance and compliance teams to align with ethical AI principles and frameworks like NIST AI RMF and the EU AI Act. </li><li>Implement model provenance, integrity, and auditability controls to ensure responsible and secure AI operations. </li><li>Partner with DevOps and SRE teams to secure service meshes, container networking, and secrets management. </li><li>Drive software supply chain security, including artifact integrity, dependency management, and vulnerability reduction. </li><li>Build internal frameworks for continuous assurance and real-time vulnerability management. </li><li>Define and maintain reference security architectures for microservices, APIs, and AI-powered systems deployed in the cloud. </li><li>Mentor teams on secure coding, containerization best practices, and AI risk management. </li><li>Promote a security-first culture through advocacy, documentation, and training. </li><li>Represent product security in cross-functional initiatives and leadership discussions. </li></ul> <p>What We Are Looking For:</p> <p>Required:</p> <ul> <li>7+ years of experience in product, application, or cloud security engineering. </li><li>Deep understanding of secure SDLC, threat modeling, and secure architecture design. </li><li>Proven expertise with AWS cloud security concepts and best practices. </li><li>Strong experience with container security, orchestration, and runtime protection. </li><li>Proficiency in Python, Java, and/or JavaScript for security automation, code review, and tooling. </li><li>Experience securing AI/ML pipelines, data workflows, or model-serving infrastructure. </li><li>Familiarity with DevSecOps and continuous integration/deployment environments. </li></ul> <p>Nice to Have:</p> <ul> <li>Experience with GCP or Azure cloud platforms. </li><li>Knowledge of AI and LLM security </li><li>Experience with software supply chain security and artifact integrity verification. </li><li>Familiarity with compliance and governance frameworks (SOC 2, ISO 27001, NIST 800-53, NIST AI RMF). </li><li>Certifications such as CKS (Certified Kubernetes Security Specialist), CISSP, CSSLP, or AI/ML-focused security credentials. </li></ul> <p>Why Join Us?</p> <ul> <li>Work on cutting-edge security challenges in a fast-growing company. </li><li>Opportunity to shape and drive product security strategy. </li><li>Collaborative and security-minded engineering culture. </li><li>Competitive compensation, benefits, and career growth opportunities. </li></ul>