Employee Applicant Privacy Notice About SoFi SoFi is a national bank and financial services provider focused on helping millions of members achieve their financial goals. The company builds mobile-first technology that empowers users to take control of their finances. SoFi’s work directly impacts people’s lives and shapes the financial industry. Core values guide the team as they work to improve both careers and the broader financial landscape. Role Overview The Security Product Lead for Product & AI Security sets the strategy, roadmap, and measurable outcomes for securing SoFi’s product lifecycle and supporting AI/ML initiatives. This position sits within the Security Strategy & Delivery team and works closely with leaders and teams in Product Security, Engineering, and Data Science/AI. Main Responsibilities Define and communicate the strategic direction for Product Security and AI Security as internal security products. Align security initiatives with enterprise risk priorities. Develop and maintain a clear roadmap for security capabilities. Establish and track key performance indicators (KPIs) to measure success. Implement structured program governance for security initiatives. Collaborate across teams to integrate security controls throughout the software development lifecycle (SDLC). Address unique risks associated with AI/ML systems. Influence stakeholders and drive alignment without direct authority. Help protect member trust, company assets, and support business stability and growth. Location Roles are available in Seattle, WA; Cottonwood Heights, UT; San Francisco, CA; New York City, NY; and Frisco, TX.

About Our TeamJoin our dynamic Intelligence & Investigations (I2) team, dedicated to identifying and mitigating abuse and strategic risks, ensuring the responsible and safe use of AI technology. We leverage real-world signals, thorough investigations, and external threat intelligence to develop actionable strategies, operating guidelines, and partner-ready support that enhance safety across the AI landscape.About the RoleAs the Product & Solutions Lead specializing in safety and security, you will spearhead the creation and implementation of innovative 0–1 products, services, and technical solution packages. Your work will empower developers and public institutions to transition from experimentation to achieving reliable, trusted outcomes while upholding public safety, transparency, and respect for individual rights.This pivotal role encompasses two primary delivery modes:Custom products and technical solutions tailored for key internal and external partners, andScalable product and solution packages designed for widespread reuse across various partners and deployments.While training is a component of scaling our solutions, your focus will also include delivering reference implementations, playbooks, evaluation kits, and replicable operating models that partners can easily adopt and implement.Collaborating closely with engineers and a multidisciplinary team of safety experts, geopolitical analysts, and data scientists, you will translate complex and evolving challenges into actionable solutions suitable for high-stakes environments.This position is located in San Francisco, CA (hybrid model, 3 days/week in-office). Relocation support is available for qualified candidates.Key Responsibilities:Lead the development of the 0–1 roadmap for safety and security solution offerings, which includes defining target users, problem statements, tools, operating models, success metrics, and reusable deliverables.Design and deliver custom technical solutions for priority partners, both internal and external, while abstracting successful strategies into reusable frameworks and toolkits.Create partner-ready technical documentation, including solution blueprints, reference architectures, evaluation and monitoring guidelines, incident response playbooks, and deployment checklists.Package both open-source and proprietary capabilities into ready-to-adopt solutions, such as reference implementations, configuration patterns, and validated workflows.Ensure a consistent delivery model across all engagements, encompassing intake, strategy formulation, and execution.

Join SoFi as a Security Product Lead in the realm of Enterprise & Identity Security. This pivotal role involves driving the strategy and execution of security initiatives that protect our enterprise infrastructure and user identities. You will collaborate with cross-functional teams to enhance our security posture and ensure that our products align with industry standards and best practices.

Join Scale AI as a highly skilled Security Engineer in our Product Security team, where you will play a pivotal role in safeguarding the security and integrity of our products and services. This position involves conducting comprehensive code reviews, implementing security best practices, and shaping our overarching security strategy. Your proficiency in TypeScript, Python, AWS, CI/CD, SAST, DAST, and Terraform orchestration will be vital in detecting and addressing potential security threats. You will have the opportunity to analyze complex issues, identify root causes independently, and articulate the complexities and implications of security vulnerabilities, including their potential for exploitation and impact. Your responsibilities will include:Utilizing extensive product security knowledge to design and maintain software tools that secure every layer of the modern AI/ML software ecosystem.Conducting thorough code reviews to identify and rectify security vulnerabilities.Assessing and improving the security of our product offerings through RFC and service evaluations.Establishing and sustaining CI/CD pipelines with a strong emphasis on security.Executing Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST) to uncover vulnerabilities in production code.Employing Terraform orchestration to maintain secure and efficient infrastructure management.Advising engineering teams on developing robust, long-term solutions that prioritize security and privacy.Clearly communicating the mechanics and significance of security vulnerabilities, including their exploitability and potential consequences.Contributing to the security strategy and direction of the team, advocating for best practices and ongoing enhancements. Ideal candidates will possess:A proven track record of independently driving multi-month security initiatives, from problem identification to execution, with minimal oversight.Significant experience as a Security Engineer with an emphasis on product security.Proficiency in NodeJS, TypeScript, Python, and/or Kubernetes.A strong grasp of modern JavaScript application design.Practical experience in operating and securing AWS infrastructure at scale.Hands-on experience with SAST and DAST tools and methodologies.Familiarity with Terraform orchestration for managing infrastructure.Capability to analyze complex problems and identify root causes independently, providing actionable insights without managerial input.Exceptional communication skills, enabling clear presentation of technical concepts to diverse audiences.

Join Oleria Security as a Senior Product Marketing Lead in our San Francisco office, where you will play a pivotal role in shaping our marketing strategies and driving product adoption. This is an exciting opportunity for a talented individual with a passion for technology and a strategic mindset.You will collaborate closely with cross-functional teams, including product management, sales, and engineering, to develop and execute robust marketing initiatives. Your expertise in understanding customer needs and market dynamics will be instrumental in crafting compelling product narratives and positioning strategies.

At Crusoe, we are on a mission to accelerate the accessibility of energy and intelligence for everyone. Join us in creating the infrastructure that enables individuals to innovate boldly with AI, all while maintaining a commitment to scale, speed, and sustainability.Become a key player in the AI revolution through sustainable technology at Crusoe. Here, you will spearhead groundbreaking innovations, make a significant impact, and collaborate with a team dedicated to shaping the future of responsible cloud infrastructure.Role Overview:Crusoe AI is seeking a Senior Product Security Engineer to play a pivotal role in protecting our cloud products and applications, particularly those centered on AI/ML, throughout their entire lifecycle.In this position, you will lead the establishment and enforcement of security best practices within the development lifecycle. Your responsibilities will include performing comprehensive threat modeling, executing security assessments, and working closely with product and engineering teams to strengthen our security posture, ensuring the robustness of our innovative solutions and the protection of customer data.Your Daily Responsibilities:Collaborate with product and engineering teams to embed security best practices into the software development lifecycle.Conduct threat modeling, security architecture evaluations, design assessments, and code reviews for new product initiatives. Perform penetration testing, vulnerability assessments, and security evaluations of product features and systems.Create and implement security automation tools to monitor and test code and software for vulnerabilities.Establish and maintain secure coding protocols and procedures tailored for cloud and Kubernetes environments.Proactively detect and mitigate risks in user-facing processes and critical infrastructure.Lead security education, training, and mentorship initiatives to cultivate a culture of security awareness across all teams.Identify and manage security vulnerabilities, ensuring they are documented, prioritized, and addressed promptly.Qualifications for Success:You possess 4-6+ years of experience in Information Security, with a specialization in application or product security.You have proficiency in cloud platforms such as AWS, GCP, or Azure, and expertise in Kubernetes orchestration as well as automation scripting (e.g., Python).

About ValonValon is pioneering the AI-driven operating system for regulated finance, beginning with mortgage servicing. As a Series C company backed by a16z, we are revolutionizing sectors that many deemed too complex for innovation.Instead of relying on outdated legacy systems, we took an innovative route by developing and managing our own mortgage servicing business, overseeing over $110 billion in loans. This strategic choice has allowed us to gain profound insights into the complexities necessary to create software that genuinely functions in regulated industries.The results are remarkable. We've turned mortgage servicing from a 0% margin industry into one that boasts margins exceeding 60%, all while significantly enhancing customer satisfaction. Major enterprise contracts are now rolling out across the sector.ValonOS is our comprehensive platform that structures and automates every process, positioning us perfectly for the AI era. With a single system powered by rich data, our AI agents not only streamline tasks but also perpetually enhance overall operations. While mortgage servicing is our starting point, our vision extends to transforming regulated industries and beyond.Security at ValonOur clients entrust us with their most sensitive financial information, and our Security team’s foremost mission is to implement robust programs, processes, and automation to protect this data. We safeguard the infrastructure and data involved in processing billions of dollars in mortgage loans.Beyond protecting Valon’s internal systems, our Security team collaborates closely with Product and Engineering teams to design and deliver secure, scalable, and reliable features for ValonOS. We work cross-departmentally to embed security throughout the organization, regularly engaging with external security auditors, pentesting firms, and partners to continuously assess and enhance Valon’s security posture.Valon has offices in New York City and San Francisco, but we fully embrace remote work!

About the RoleJoin our innovative Product Security team as an Entry-Level Security Engineer. We are seeking a proactive individual with a builder’s mindset who is eager to learn and contribute to both planned initiatives and real-time security needs with supportive mentorship.In this hands-on role, you will collaborate across Infrastructure, Application, and Enterprise Security, where responsibilities may overlap. Your contributions will include the design and implementation of security controls, reviewing technical designs, and addressing findings from security researchers and penetration testers. You will write code, develop automation solutions, and utilize AI tools to enhance your productivity and strengthen our security practices. This position offers exposure to a diverse range of security challenges, accelerating your professional growth as a security engineer.

Join SoFi as a Security Product Lead specializing in Threat Intelligence and Insider Risk. In this pivotal role, you will spearhead initiatives that enhance our security posture and protect our assets from internal and external threats. You will collaborate with cross-functional teams to develop and implement innovative security solutions, ensuring the safety and integrity of our operations.

Join Databricks as a Staff Product Manager, SecurityAt Databricks, we are dedicated to empowering data teams to tackle the world’s most formidable challenges, from revolutionizing transportation to accelerating medical advancements. Our mission is accomplished by providing the most robust data and AI infrastructure platform, which enables our clients to harness deep data insights to enhance their business operations. We are committed to simplifying user experiences in complex data management projects while upholding the highest security standards to safeguard their data.In this pivotal role, you will oversee all aspects of data security within the Databricks Lakehouse platform. You will spearhead product strategy, identifying, prioritizing, and implementing necessary external and internal controls to help customers adhere to privacy, confidentiality, digital sovereignty, and other regulatory requirements. You will design intuitive policy models that empower customers to manage access to their critical assets efficiently. Your contributions will instill confidence in IT and security administrators, facilitating increased adoption of Databricks within their organizations. Our data champions will rely on the security and operational simplicity you provide, allowing them to focus on delivering maximum value to their users. You will report directly to a Senior Director of Product Management.

About depthfirst depthfirst builds software to strengthen the foundations of modern technology. The team focuses on protecting software from vulnerabilities that threaten its reliability and security. The mission: make software safer everywhere it runs. depthfirst develops intelligent tools that find and fix critical software vulnerabilities. The company trains and scales security AI agents to uncover zero-day issues in large customer codebases and widely used open source projects. The founding team brings experience from DeepMind, Databricks, Square, and Faire, with deep backgrounds in data, infrastructure, security, and large language models. depthfirst welcomes technical professionals interested in working where AI, Security, and Infrastructure meet. Role Overview: Security Product Engineer This San Francisco-based role centers on working directly with enterprise customers to implement depthfirst's security AI agents in their environments. The Security Product Engineer acts as the technical point of contact, ensuring the AI tools detect vulnerabilities at scale within real-world systems. The position blends hands-on engineering with regular customer interaction. Security Product Engineers learn about each customer's security landscape, design custom integrations using depthfirst's platform, and partner with the product team to turn successful solutions into product features. The work shapes both how customers use depthfirst and how the product evolves. What You Will Do Work with enterprise customers to deploy depthfirst's security AI agents in production. Build strong relationships with security teams, acting as a trusted advisor who understands their needs. Translate customer challenges into practical solutions, including custom integrations, data pipelines, and workflows connecting depthfirst with existing security tools. Identify common patterns across deployments and collaborate with the product team to develop platform-wide capabilities. Communicate effectively with stakeholders at all levels, from security engineers to CISOs. Own the technical delivery process, from initial scoping through implementation and ongoing optimization. Travel to customer sites when needed to support successful deployments.

Join us at DigitalOcean, where you can elevate your career and be part of a vibrant community dedicated to building the most user-friendly and scalable cloud infrastructure. If you possess a growth mindset, enjoy thinking innovatively, and thrive in a fast-paced environment of a true industry leader, your perfect fit awaits here. We believe in winning together—while learning, enjoying our work, and making a significant impact for dreamers and builders across the globe.We are on the lookout for a Senior Technical Product Manager II to lead the development and launch of our Security Products, ensuring exceptional execution quality and effective communication with our customers. This pivotal role bridges the gap between security product strategy and engineering delivery, transforming customer needs and security outcomes into well-defined tasks, clear requirements, and deliverable increments.You will closely collaborate with engineering and UX teams to ensure the health of the backlog, maintain a smooth delivery rhythm, manage dependencies, and prepare for releases across various Security Products workstreams. Additionally, you will enhance how we communicate about Security Products and incident updates. This includes crafting clear written narratives and launch materials, as well as developing reusable templates, checklists, and workflows that guarantee consistent, accurate, and timely product launches and incident response communications in partnership with Corporate Communications, Product Marketing, and Developer Relations.You will report directly to the Head of Security Products, who oversees the overall portfolio strategy and represents the Security voice within the organization.Key Responsibilities:Oversee the complete execution of one or more Security Products workstreams, translating strategic goals and customer needs into precise requirements, sequencing, and shippable increments.Act as the technical product owner for your designated scope by maintaining an organized backlog, creating high-quality user stories and acceptance criteria, and ensuring that engineering remains unimpeded through swift decisions and clear trade-offs.Collaborate extensively with engineering leadership to drive delivery planning, produce estimates, manage dependencies, and ensure readiness for releases, focusing on predictable outcomes and minimizing rework.Partner with UX and UI teams to design seamless security experiences within the DigitalOcean console and API, transforming designs into actionable requirements, workflows, and instrumentation needs.Work cross-functionally with teams across Security, IAM, Networking, Support, Billing, and service departments to ensure cohesive customer journeys, clearly defined ownership boundaries, and effective remediation paths.Define and uphold release criteria for your scope, including quality standards, rollout strategies, customer readiness, and feedback loops.

Astranis is on the forefront of satellite technology, developing advanced satellites designed for high orbits that expand humanity’s reach into the solar system. Our innovative satellites deliver dedicated, secure communication networks to a diverse range of clients, including large enterprises, sovereign governments, and the US military. With five satellites currently in orbit and numerous launches planned, we are proudly managing a backlog exceeding $1 billion in commercial contracts.Astranis is the go-to satellite communications partner for clients with rigorous demands for uptime, data security, and network customization. Having raised more than $750 million from some of the most recognized investors, including Andreessen Horowitz, Blackrock, and Fidelity, we boast a talented team of 450 engineers and entrepreneurs. Our operations are based in a state-of-the-art 153,000 sq. ft. facility in Northern California, USA.Senior Product Security EngineerAs a Senior Product Security Engineer at Astranis, you will leverage your extensive software engineering expertise with a strong focus on security. You will be tasked with designing and building secure systems, specializing in critical areas such as cryptography, Public Key Infrastructure (PKI), and zero trust architectures. Your role will encompass evaluating processes, operating systems, and applications from a security-first engineering perspective. While your primary responsibility will be to develop secure software, you will also play a key role in identifying vulnerabilities, conducting risk analyses, and leading thorough security reviews.

Embark on a transformative career journey with DigitalOcean, where you will collaborate with a vibrant community of exceptional talent dedicated to creating the simplest scalable cloud solutions. If you possess a growth mindset, a penchant for bold thinking, and thrive in the dynamic environment of an industry pioneer, you will find your niche here. We emphasize team success—fostering learning, enjoyment, and making a meaningful impact for innovators and creators worldwide.Join Us as a Senior Software Engineer, Driven by Passion for AI Innovation in Startups!We are in search of a highly skilled and enthusiastic Senior Software Engineer to become an integral part of our Security Products team. In this crucial position, you will play a key role in architecting, developing, and sustaining robust security solutions that safeguard DigitalOcean's platform and our customers' data. This is a thrilling opportunity for an individual who excels in fast-paced settings and is passionate about addressing complex security challenges on a large scale.

About Cogent SecurityCogent Security is at the forefront of cybersecurity innovation, leveraging Applied AI to develop next-generation AI agents. In an era where cyber attacks evolve rapidly, our AI Taskforce analyzes vast amounts of enterprise data to proactively address vulnerabilities and prevent critical breaches.We combine pioneering research with practical execution, ensuring that our innovative solutions meet real-world challenges. Our Cogent Research division acts as our dedicated AI lab, driving the development of advanced security workflows.Since our emergence from stealth mode, we have rapidly grown, collaborating with Fortune 500 companies to secure complex production environments globally.Supported by Greylock, we have gathered a team of top talent from renowned institutions and leading organizations in the AI and cybersecurity sectors.About the RoleAs an Agent Engineer at Cogent Security, you will be pivotal in designing, building, and deploying critical AI agents tailored for complex client environments. Your role is highly cross-functional, involving direct collaboration with customers to understand their unique needs, adapting our platform accordingly, and iterating on scalable solutions to handle millions of real-world security events.You will manage projects from inception to deployment, including data onboarding and integrating feedback into our core agent platform. Your contributions will shape how AI agents detect threats, triage incidents, and automate security workflows for some of the most sophisticated organizations worldwide.This position is ideal for engineers who excel in dynamic environments, enjoy tackling complex technical challenges, and wish to see the tangible impact of their work.

At Bugcrowd, we have been revolutionizing the way organizations defend against cyber threats since 2012. Our patented Security Knowledge Platform™, powered by data and AI, harnesses the collective expertise of a trusted network of elite hackers. By identifying hidden vulnerabilities and adapting to ever-evolving threats, including zero-day exploits, we empower our clients to reclaim their security. With our innovative CrowdMatch™ technology, we provide unmatched scalability and precision in matching talent to your unique security challenges. Join us in creating a new era of modern crowdsourced security that stays ahead of threat actors. Explore more at www.bugcrowd.com. We are headquartered in San Francisco and New Hampshire, backed by leading investors like General Catalyst, Rally Ventures, and Costanoa Ventures.Job SummaryAs the Product Security Engineering Manager, you will be pivotal in shaping and executing our application security, platform security, and FedRAMP initiatives. You will lead and mentor a geographically diverse team of security engineers, passionate about embedding security into the engineering process and building secure-by-default systems. If you thrive in a hands-on role that empowers others, we would love to connect with you.

Supported by top-tier investors from Silicon Valley, Peregrine Technologies is dedicated to empowering public safety organizations, local and state governments, federal agencies, and private-sector institutions to tackle societal challenges with unparalleled speed and precision. Our innovative AI-driven platform transforms isolated and fragmented data into actionable intelligence, instantly revealing critical information that promotes quicker, more informed decisions enhancing outcomes at every level. Currently, Peregrine serves hundreds of clients across more than 30 states and two countries, impacting over 125 million individuals, and we are excited to broaden our reach into enterprise and international markets.Our TeamAt Peregrine, we maintain that empathy is vital to enhancing our solutions. Observing how users engage with our products is essential for finding the best solutions. Our engineers work closely with teams on-site to gain insights into the diverse use cases we support.We are in search of a talented security engineer to join our core engineering teams. Our teams face various challenges, from enabling real-time user collaboration on intricate maps to constructing robust backend architectures capable of processing billions of data points.We value humility and empathy as fundamental traits for crafting effective solutions—you will collaborate directly with our deployment team and users as we refine our approach to addressing their needs. Creativity and perseverance are vital in realizing our vision.RoleThis is an exciting opportunity for a software engineer to join our expanding team, where you will gain substantial ownership over our technology stacks, making impactful decisions that will shape our future. You will play a pivotal role in ensuring that security is woven into every aspect of our product development lifecycle.Our technology stack is continually evolving, anchored by a backend built on Python, Django, Celery, Airflow, and Kafka; a frontend utilizing React, Redux, and Mapbox; data storage solutions including PostgreSQL and Elasticsearch; machine learning models deployed using Bedrock and SageMaker; and infrastructure managed through AWS, Pulumi, Terraform, and Kubernetes.About YouDevelop scalable, security-first frameworks that form the backbone of our infrastructure, ensuring top-tier data security.Recognize and mitigate emerging security threats, establishing strategies that align with our product goals.Design security architecture across the platform...

Join Stripe as a Product Lead in our AI division where you will drive the vision and execution of AI initiatives. You will work closely with engineering teams and cross-functional stakeholders to unlock new capabilities and enhance our product offerings. Your leadership will steer the development of innovative AI solutions that meet customer needs and propel Stripe forward.

About SemgrepSemgrep stands at the forefront of code security, enabling developers to innovate seamlessly. We empower teams to identify, flag, and resolve real issues before deployment, utilizing adaptive security that evolves as development progresses. With Semgrep, code is secured in real-time, providing developers with the freedom to work swiftly while maintaining security integrity. Designed for developers and endorsed by security teams, Semgrep integrates into the developer's workflow, offering solutions without disrupting productivity, while giving security teams essential visibility and control. Our AI-driven approach minimizes false positives and prioritizes actionable vulnerabilities, earning the trust of 95% of security reviewers across over 6 million findings. Semgrep is making the dream of zero false positives a reality, enabling AppSec teams to manage 80% fewer false positives across Code and Supply Chain, significantly reducing backlog.Founded in San Francisco and supported by top-tier investors including Menlo Ventures, Felicis Ventures, Lightspeed Venture Partners, Redpoint Ventures, and Sequoia Capital, Semgrep has gained recognition from Gartner in Application Security Testing and is relied upon by industry leaders such as Snowflake, Dropbox, and Figma. Discover more at semgrep.dev.About the RoleAs a Staff AI Product Engineer within Semgrep’s Code team, you will leverage cutting-edge AI/ML technologies from leading companies (including OpenAI, Anthropic, Hugging Face, Amazon, Google) to develop user-centric security tools that accelerate the process of writing and deploying secure software.The Semgrep Code product enhances the software development lifecycle by pinpointing genuine vulnerabilities without hindering productivity. Unlike other security solutions that inundate developers with irrelevant alerts, we provide clear, actionable, and intuitive insights. The advancements in AI are already transforming how we minimize noise, and we believe there’s even more to unlock in the future.You will gain insights into the application-security domain, mentor fellow engineers, collaborate with product managers, security researchers, and application developers, while contributing to features that delight our customers. Within Semgrep’s culture of transparency, you’ll observe and impact the decisions that drive a startup’s success. Your contributions will be pivotal in establishing Semgrep as the leading code analysis initiative and a trusted security platform.Your Responsibilities:Integrate AI platform APIs into the Semgrep Code productDevelop and optimize LLM prompt chains for real-world developer scenariosExplore the latest advancements in AI/ML and evaluate their potential for product integrationCollaborate with cross-functional teams to enhance product features and functionality