Senior Product Security Engineer

At StubHub, our mission is to revolutionize the live event experience on a global scale. Whether someone is preparing to attend their first concert or their hundredth sporting event, we strive to enhance their journey from ticket discovery to entry at the venue. We extend the same commitment to our sellers, whether they are fans parting with a single ticket or promoters managing a major stadium tour; we aim to make StubHub the most secure and convenient platform for millions of fans worldwide.Join our Product Security Engineering Team as a Senior Product Security Engineer, where you'll play a pivotal role in strengthening our security framework within the end user and services product domain. The ideal candidate will bring extensive experience in CI/CD pipeline security, conducting product and application architecture assessments, implementing contextualized vulnerability management processes, and driving automation initiatives.

At Headway, we are on a transformative journey to revolutionize mental healthcare accessibility. Our cutting-edge technology connects individuals with exceptional therapists through the first software-enabled national network of providers who accept insurance.With 1 in 4 Americans experiencing a treatable mental health condition, the lack of insurance acceptance among many providers makes therapy unaffordable for many. Headway is committed to creating an inclusive mental healthcare system that facilitates therapists in accepting insurance and growing their practices.Founded in 2019, we have expanded into a dynamic national network comprising over 60,000 mental healthcare providers throughout all 50 states. Our software has helped serve over 1 million patients. As a Series D company, we have secured over $325 million in funding from prominent investors including a16z (Andreessen Horowitz), Accel, GV (formerly Google Ventures), Spark Capital, Thrive Capital, Forerunner Ventures, and Health Care Service Corporation.We aspire for your time with us to be the most impactful experience of your career. Join us in our mission to enhance mental healthcare for all.

Join Scale AI as a highly skilled Security Engineer in our Product Security team, where you will play a pivotal role in safeguarding the security and integrity of our products and services. This position involves conducting comprehensive code reviews, implementing security best practices, and shaping our overarching security strategy. Your proficiency in TypeScript, Python, AWS, CI/CD, SAST, DAST, and Terraform orchestration will be vital in detecting and addressing potential security threats. You will have the opportunity to analyze complex issues, identify root causes independently, and articulate the complexities and implications of security vulnerabilities, including their potential for exploitation and impact. Your responsibilities will include:Utilizing extensive product security knowledge to design and maintain software tools that secure every layer of the modern AI/ML software ecosystem.Conducting thorough code reviews to identify and rectify security vulnerabilities.Assessing and improving the security of our product offerings through RFC and service evaluations.Establishing and sustaining CI/CD pipelines with a strong emphasis on security.Executing Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST) to uncover vulnerabilities in production code.Employing Terraform orchestration to maintain secure and efficient infrastructure management.Advising engineering teams on developing robust, long-term solutions that prioritize security and privacy.Clearly communicating the mechanics and significance of security vulnerabilities, including their exploitability and potential consequences.Contributing to the security strategy and direction of the team, advocating for best practices and ongoing enhancements. Ideal candidates will possess:A proven track record of independently driving multi-month security initiatives, from problem identification to execution, with minimal oversight.Significant experience as a Security Engineer with an emphasis on product security.Proficiency in NodeJS, TypeScript, Python, and/or Kubernetes.A strong grasp of modern JavaScript application design.Practical experience in operating and securing AWS infrastructure at scale.Hands-on experience with SAST and DAST tools and methodologies.Familiarity with Terraform orchestration for managing infrastructure.Capability to analyze complex problems and identify root causes independently, providing actionable insights without managerial input.Exceptional communication skills, enabling clear presentation of technical concepts to diverse audiences.

About BettermentBetterment is a pioneering financial services organization driven by technology, providing innovative investing and retirement solutions for individual investors, investment advisors, and financial wellness services, including tailored 401(k) plans for small to medium enterprises. Our mission is to empower individuals to build wealth with confidence and ease. We are based in New York City and offer hybrid work arrangements, requiring four days a week in the office. About the RoleThe Security Engineering team acts as a vital partner across the organization, striving to ensure that Betterment is the most secure platform for our customers’ assets. We achieve this by developing tools for our engineering teams, enhancing the security and integrity of our systems, and implementing monitoring solutions for our services. This allows us to operate efficiently and effectively within a highly regulated and secure environment.Our programming activities encompass languages such as Ruby, JavaScript, Java, and Python. We utilize a diverse array of technologies to support our tools and platform, including AWS, Kubernetes (EKS), Helm, Terraform, Datadog, CircleCI, and Splunk. As a Senior Product Security Engineer, you will play a critical role in delivering new products, tools, and systems securely, enhancing the impact of our engineering efforts while ensuring the safety and satisfaction of our customers!This position is eligible for remote work. Below is the salary range we would offer for this position based on city or state requirements. For candidates located elsewhere, the offered compensation will be based on experience and geographic location. Actual salaries may vary depending on factors such as location, experience, and performance. The range listed is a part of Betterment’s overall compensation package.New York City: $205,000 - $215,000We provide a competitive equity package along with comprehensive health, dental, and vision benefits, life and AD&D insurance, short-term and long-term disability coverage, an Employee Assistance Program, commuter and parking benefits, FSA/HSA options, and a 401(k) plan with employer matching, in addition to a flexible PTO policy. This role may also qualify for variable compensation through a company incentive bonus.A Day in the LifeLead and collaborate on product security initiatives to strengthen our engineering practices.Write and review customer-facing code to address security issues alongside product development teams.

About UsAt Gecko Robotics, we empower critical infrastructure by ensuring its availability, reliability, and sustainability through our innovative solutions. Our cutting-edge technology integrates wall-climbing robots, top-of-the-line sensors, and an AI-driven data platform, offering clients unprecedented insights into the current and future state of their physical assets. This enables real-time decision-making that enhances operational efficiency and safety, promotes mission readiness, and safeguards the environment from potential infrastructure failures.Position OverviewWe are seeking our inaugural dedicated Product Security Engineer to enhance and expand our application security measures at Gecko. In this pivotal role, you will have a significant impact on the security framework of our product as we continue to evolve.This is a hands-on position that requires direct collaboration with engineering teams to establish secure software practices as the default standard. While we have existing tools in place, we need someone who can refine them, automate processes, and minimize manual security tasks.If you thrive on building systems from scratch, addressing tangible challenges, and working closely with product and engineering teams, this role is tailored for you.Key ResponsibilitiesEnhance application security across our products and cloud systems, partnering with engineers to ensure secure software is the norm without hindering productivity.Integrate security checks into CI/CD pipelines to catch potential issues early, while refining existing tools to minimize distractions for engineers.Conduct code and infrastructure reviews to identify and mitigate security vulnerabilities, guiding teams in implementing secure, repeatable patterns.Automate currently manual security tasks, establishing scalable guardrails as the company expands.Collaborate with platform teams to bolster cloud security in AWS or Google Cloud, avoiding common pitfalls.Support the implementation of security controls necessary for SOC 2, ISO, and similar standards as we grow.Technologies We UtilizePython, JavaScript, ReactAmazon Web Services and Google CloudGitHub, GitLab, JenkinsContainers and Infrastructure as Code

Join Plaid as a Product Security Engineer and play a pivotal role in safeguarding our innovative financial technology products. In this position, you will collaborate with a talented team to identify and mitigate security risks, ensuring our services remain secure and reliable for our users. Your expertise will help shape our security practices and foster a culture of security awareness across the organization.

CLEAR builds secure identity technology for both digital and physical spaces. With more than 38 million members and a growing global partner network, CLEAR’s platform helps people move through airports, stadiums, workplaces, and daily routines with greater safety and ease. Role Overview The Senior Security Engineer on the Infrastructure Security Engineering (ISE) team protects CLEAR’s core platforms. This position focuses on cloud security, identity management, and endpoint controls. The work centers on AWS and Kubernetes environments, using infrastructure-as-code to scale and automate security practices. What You Will Do Strengthen security across AWS and Kubernetes infrastructure Develop and implement security controls using infrastructure-as-code Work closely with Engineering, CorpIT, and Security teams to make security a default part of CLEAR’s systems Location This role is based in New York, New York, United States.

Join Palantir Technologies as a Product Infrastructure Security Engineer in New York. In this role, you will play a critical part in securing our infrastructure, ensuring that our products and services maintain the highest standards of security and reliability. You will work with top-tier engineering teams to identify vulnerabilities, implement robust security measures, and contribute to the overall security architecture of our systems.

Why Join UsAt Brex, we are transforming the way businesses manage their expenses through our innovative AI-powered spend platform. By integrating corporate cards, banking, and global payments with user-friendly software for travel and expenses, we empower companies—from startups to large enterprises like DoorDash, Flexport, and Compass—to control their spending proactively, reduce costs, and enhance efficiency on a global scale.Joining Brex means you will push boundaries, challenge conventional thinking, and collaborate with some of the brightest minds in the industry. We are dedicated to fostering a diverse team and inclusive culture, believing that your potential is only limited by your ambition. We provide you with the tools, resources, and support necessary to elevate your career.Engineering at BrexOur engineering approach at Brex focuses on building scalable systems with intention and speed. Our teams, which encompass Software, Data, Security, and IT, operate with a high degree of autonomy and foster deep collaboration. We take on complex technical challenges, take ownership of our results, and strive for excellence across all stages—from architecture to deployment. At Brex, engineering is a craft, and our builders evolve into leaders.Your RoleAs a Senior Security Operations Engineer at Brex, your mission will be to prevent, detect, and respond to security threats across our corporate and cloud environments. You will leverage existing systems and develop new tools to enhance our security capabilities. Our team is responsible for various functions in corporate security, detection & response, and infrastructure security domains, employing systems engineering and automation to support these functions.Security Operations is nested within our broader Trust & IT organization, providing opportunities to collaborate closely with Application Security, Corporate Engineering, Governance, Risk & Compliance (GRC), and IT. You will work to enhance security configurations, promote positive employee behaviors, and prevent incidents from escalating. Furthermore, you will contribute to our open-source project Substation and have the chance to share insights on the Brex Tech Blog. You will be part of a team that actively engages with the broader security community, committed to mentorship and engineering excellence.We seek individuals with a robust background and a keen interest in detecting, responding to, and resolving security incidents and challenges. You should be passionate about security and eager to contribute to a forward-thinking team.

At January, we are on a mission to revolutionize consumer finance from the ground up. By personalizing interactions and optimizing decision-making throughout all stages of consumer credit, we empower both consumers and creditors, ensuring that credit is fair, accessible, and tailored to individual needs.As a Lead Security Engineer, you will redefine security standards in an industry where trust has been significantly compromised. This is a unique opportunity to join us at a pivotal moment: we have established the hard-earned trust of leading financial institutions, and now you will create the security framework that extends this trust to millions of consumers.You will design and implement a dual trust architecture, safeguarding both consumer-facing experiences and robust enterprise systems. You will tackle technical challenges that are unparalleled in the industry, such as privacy-preserving data systems, compliance automation across multiple jurisdictions, and AI-driven decision-making processes. Your influence will shape our security strategy and culture from the ground up, demonstrating that security is not merely an overhead cost, but a competitive advantage that drives enterprise partnerships and market growth.Your ImpactTransform security into a competitive edge: Position January's security as a key differentiator that attracts banks and enterprises, unlocking Tier 1 partnerships and deals that competitors cannot secure.Promote security-by-design in product and application development: Collaborate with product and engineering teams to identify critical risks early in the process, focusing on application security across frontend, Flask services, and databases. Integrate security into the discovery and design phases, ensuring secure development patterns are embedded in workflows.Design systems for bank-grade data protection: Create and enforce data classification, encryption, and access control mechanisms that comply with regulatory standards, ensuring sensitive data remains within authorized boundaries.Foster a security-first engineering culture: Advocate for security-centric thinking within engineering teams without hindering progress. Lead incident responses decisively, ensuring that January emerges stronger from security events through thorough post-incident analyses.Streamline compliance with minimal overhead: Maintain SOC 2, PCI-DSS, and financial compliance using automated systems and build infrastructure that generates audit evidence seamlessly, eliminating compliance bottlenecks.

CoreWeave builds cloud infrastructure for AI innovators, supporting organizations with secure, high-performance platforms. Trusted by leading AI labs and enterprises, CoreWeave integrates with existing identity and security systems to deliver reliable solutions for sensitive workloads. Since March 2025, CoreWeave has been publicly traded on Nasdaq (CRWV). Learn more at www.coreweave.com. About the Security Products Division The Security Products group develops tools that help enterprise clients extend their identity and encryption frameworks into the CoreWeave Cloud. This team builds products like CoreWeave IAM, encryption lifecycle management, and infrastructure for detailed access control and secure onboarding. Collaboration with Product, Information Security, and core platform teams is central to making CoreWeave a secure and compliant environment for large-scale AI applications. Role Overview: Director of Engineering, Security Products CoreWeave seeks a Director of Engineering to lead teams building identity, authorization, and encryption platforms. This technical and strategic leader will shape the roadmap for security products that support customer trust and enable scalable, regulated AI applications. The Director will work closely with Product and Security partners to design and maintain reliable, auditable, and user-friendly services. Mentoring engineering leaders and individual contributors is a key part of this role, setting high standards for engineering quality in a complex, high-stakes environment. What You Will Do Define and execute the engineering roadmap for CoreWeave security products, including IAM, authorization, encryption lifecycle management, and workload identity. Locations Livingston, NJ / New York, NY / Sunnyvale, CA

Radar is looking for a Staff or Principal Product Engineer with a focus on security. This position is based in New York and centers on shaping the security architecture for Radar’s products. Role overview This role involves defining and improving security measures across the company’s product line. The engineer will play a key part in maintaining and elevating security standards as Radar’s offerings grow. What you will do Collaborate with teams from different disciplines to strengthen product security. Develop and refine security features that protect users of Radar’s products. Apply technical expertise to maintain high security standards throughout the product lifecycle.

CoreWeave is the definitive cloud solution for AI™. Designed by innovators for innovators, we provide a robust platform of technology, tools, and expert teams that empower trailblazers to confidently build and scale AI solutions. Trusted by top AI research labs, startups, and global enterprises, CoreWeave merges exceptional infrastructure performance with profound technical know-how to expedite breakthroughs and transform computing power into actionable capability. Established in 2017, CoreWeave became publicly traded (Nasdaq: CRWV) in March 2025. Discover more at www.coreweave.com.What You Will Do:The Enterprise Security team at CoreWeave is tasked with safeguarding our daily operations—covering identity, endpoints, networks, and SaaS—ensuring the company can maintain agility without sacrificing security. This team is accountable for the controls, guardrails, and automation that protect our workforce, contractors, and vital business applications within a cloud-native environment.If you're passionate about zero trust, phishing-resistant MFA, and creating secure-by-default experiences that enhance productivity, this is the perfect team for you.About the Role:As a Senior Security Engineer, Enterprise Security, you will architect and implement the security measures that support CoreWeave's workforce and enterprise framework. You will spearhead projects related to identity, access management, device and endpoint security, and SaaS security—collaborating closely with IT Engineering, Endpoint, Network, and various security teams.Your routine will involve a blend of hands-on engineering (coding, building integrations, fine-tuning controls) and architecture and program leadership (setting standards, defining frameworks, and encouraging adoption across teams). You will be accountable for transforming high-level goals—such as “implementing zero trust for workforce access” or “deploying phishing-resistant MFA at scale”—into tangible designs, automation, and quantifiable risk reduction.In this position, you will:Develop advanced identity and access controls

About the Role Sigma Computing is seeking a Senior Security Engineer II focused on Cloud & Data Security to help safeguard our large-scale, cloud-native SaaS platform. This position centers on engineering: building security solutions, not just operating existing tools. The role calls for a subject matter expert in cloud security architecture. Collaboration with Engineering, Security, and Product teams is key, as is designing scalable controls that support business growth. Responsibilities include creating secure architectures, integrating controls into infrastructure-as-code, and setting up automated guardrails so teams can move quickly without waiting for manual security sign-offs. This is a hands-on position for someone who thrives in complex cloud environments, values automation, and knows how to scale security for a growing SaaS company. What You Will Do Architectural Leadership: Work closely with infrastructure and engineering teams to embed security into development workflows. Lead technical discussions that shape security strategy and initiatives. Multi-Cloud Engineering: Design, implement, and refine Sigma’s cloud security across AWS, GCP, and Azure, using deep architectural expertise. Threat Modeling & Incident Response: Conduct threat modeling for cloud environments and handle incident response, including investigation and remediation of malicious activity. Identity & Access Management: Develop strategies for IAM and privileged access (RBAC/ABAC, federation, least privilege, cross-account access). Remove standing privileges and long-lived credentials, and promote zero-trust and privileged access controls across IaaS and SaaS. Cloud Data Security Controls: Implement data classification, encryption/KMS, masking/tokenization, access governance, retention and deletion policies, and reduce exfiltration risks across APIs and data pipelines. Automated Remediation Workflows: Build automated responses for recurring cloud misconfigurations, drift, and policy violations to improve operational efficiency and response times. Security Stack Management: Deploy and manage cloud-native services, including CSPM, CNAPP, DSPM, SIEM, DLP, WAF, Kubernetes, and container security tools. Network Defense: Evaluate and implement zero-trust network security measures. Location: New York City, NY

About the RoleJoin our dynamic team at FanDuel as we seek a skilled Senior Enterprise Security Engineer. This pivotal role requires a professional who is dedicated to crafting and implementing enterprise security control strategies, while also shaping our security posture. You will play a key role in balancing risk reduction with user experience and operational enablement at scale.Reporting directly to the Senior Manager of Enterprise Security Engineering, you will tackle diverse security challenges and lead initiatives that foster a secure environment for our operations.Your ResponsibilitiesImplement cutting-edge models such as “secure by default” and “zero trust” to maintain a robust security posture.Act as a security subject matter expert, collaborating with internal teams to meet business objectives and overcome security challenges.Develop and manage team roadmaps while staying informed of the latest threats and identifying security risks independently.Utilize automation and development approaches to enhance enterprise-wide security controls.Employ AI technologies to amplify the effectiveness of Security Engineering and FanDuel's operations.Support the security organization as needed, fostering a collaborative team environment.What We’re Looking ForProven expertise in security engineering across multiple domains, including Zero Trust, Endpoint Security, Data Protection, and more.Intermediate proficiency in scripting languages such as Python, Go, or Ruby; experience with Python and PowerShell is a plus.Familiarity with identity access management frameworks and protocols like SAML, SCIM, OAuth, and WebAuthN.Ability to model threats to corporate infrastructure and implement preventative architectures and controls.Strong communication skills to work effectively with a diverse range of partners, from engineering to legal teams.Adeptness in navigating rapidly evolving environments with a focus on solving ambiguous challenges.

About UsAt Justworks, we foster a friendly and inclusive environment where exceptional benefits, wellness programs, company retreats, and opportunities to connect with industry leaders abound. Our commitment to our greatest asset—our people—is paramount.We empower businesses to thrive by handling their HR challenges, allowing them to concentrate on what they do best. Our data-driven approach fuels our continuous improvement. If you seek a supportive and entrepreneurial atmosphere where you can contribute to meaningful projects while enjoying your work, we want to hear from you!At Justworks, we are united by common goals and values, which are reflected in our products and our team dynamics.Discover Our ValuesIf this resonates with you, you will thrive here.Your RoleJustworks is in search of a skilled and proactive Senior Security Engineer to enhance our Security Architecture & Engineering initiatives. We need a versatile professional with expertise in various security domains, including but not limited to cloud security, application security, identity and access management (IAM), and data protection. This role will involve close collaboration with our Security Operations and Governance, Risk, and Compliance (GRC) teams.The ideal candidate will have a strong track record of developing security solutions that bolster organizational security and managing our overall security posture. As this is a hands-on technical position, proficiency in coding languages such as Ruby on Rails, Go, or JavaScript is essential. Experience in a Linux environment and familiarity with common cybersecurity tools are also preferred.

About UsAt Justworks, we foster a friendly and inclusive workplace culture where our employees are valued and supported. We offer comprehensive benefits, wellness programs, team retreats, and opportunities to connect with industry leaders in the startup ecosystem. Our commitment is to empower businesses by allowing them to focus on their core operations while we tackle their HR challenges. We are driven by data and constant innovation. If you are eager to contribute to a dynamic, entrepreneurial environment and are passionate about creating meaningful solutions while enjoying the journey, we invite you to join us.Our team is united by shared objectives and motivations, which are reflected in our core values as a company.Discover Our ValuesIf this resonates with you, we would love to have you on board.Your RoleWe are seeking a dedicated and experienced Senior Security Engineer with a specialization in AI to spearhead the execution of our AI strategy and advance the objectives of our Digital Security team. The ideal candidate will possess extensive expertise in developing and enhancing security protocols for AI systems, effectively defending against unique AI-related threats. You should have a strong background in assessing the security of software systems featuring AI capabilities, and designing protective measures to safeguard our data from AI-specific vulnerabilities. A foundational understanding of programming and development, particularly with languages such as Ruby on Rails and JavaScript, is essential. Experience in a Unix-like environment and proficiency with standard cybersecurity tools are also preferred.

K Health Careers seeks a Senior Application Security Engineer based in New York, NY. The focus of this role is to strengthen application security and protect user data and privacy across the organization. Key responsibilities Identify and analyze software vulnerabilities, then recommend practical solutions. Collaborate with developers and cross-functional teams to integrate security into every phase of the software development lifecycle. Conduct thorough security assessments and review both application code and system architecture. Advise teams on secure coding practices and support their adoption throughout the company. Lead projects focused on enhancing application security protocols and maintaining high standards. Collaboration and impact This position works closely with engineering and other stakeholders to embed security thinking into daily development. Sharing expertise, guiding teams, and shaping a strong security culture are central to the role.

Join our dynamic team as a Senior Security Engineer specializing in Enterprise SaaS solutions. In this pivotal role, you will leverage your expertise to enhance the security posture of our software offerings, ensuring robust protection against emerging threats. Collaborate with cross-functional teams to implement security best practices and drive initiatives that safeguard our clients' data.

THE POSITIONJoin our innovative team as a Senior Product Security Engineer, where you'll be instrumental in safeguarding AI-driven software solutions. Collaborate closely with engineering teams to pinpoint and mitigate security vulnerabilities across web, mobile, cloud, and AI-integrated systems. You'll also be tasked with designing and implementing intelligent automation tools that streamline security reviews and enhance developer productivity. This role perfectly balances hands-on security engineering and the development of scalable security automation, presenting a unique opportunity to secure cutting-edge AI capabilities while shaping the future of Product Security.THE GAME PLANEvery team member plays a vital role:Join a forward-thinking security engineering team dedicated to creating secure, reliable AI applications and products.Integrate security practices within product development teams to establish secure design frameworks for distributed and AI-enhanced systems.Perform comprehensive security evaluations, including penetration testing, code reviews, threat modeling, and architectural assessments.Provide AI and LLM-specific threat modeling and analyze risks associated with model integrations, data flows, and third-party AI services.Detect recurring security review trends and devise automation solutions to optimize lower-risk scenarios.Construct internal tools and workflows that expedite security evaluations.Create structured, scalable review methodologies that uphold rigor while boosting efficiency.Collaborate with technology leaders to define metrics that reflect security posture and review effectiveness.Work alongside development and operations teams to enhance modern product security standards and frameworks.Document and continuously improve processes related to key systems.Other duties may be assigned as required to meet evolving business needs.