Senior Product Security Engineer - Red Team

At Crusoe, we are on a mission to accelerate the accessibility of energy and intelligence for everyone. Join us in creating the infrastructure that enables individuals to innovate boldly with AI, all while maintaining a commitment to scale, speed, and sustainability.Become a key player in the AI revolution through sustainable technology at Crusoe. Here, you will spearhead groundbreaking innovations, make a significant impact, and collaborate with a team dedicated to shaping the future of responsible cloud infrastructure.Role Overview:Crusoe AI is seeking a Senior Product Security Engineer to play a pivotal role in protecting our cloud products and applications, particularly those centered on AI/ML, throughout their entire lifecycle.In this position, you will lead the establishment and enforcement of security best practices within the development lifecycle. Your responsibilities will include performing comprehensive threat modeling, executing security assessments, and working closely with product and engineering teams to strengthen our security posture, ensuring the robustness of our innovative solutions and the protection of customer data.Your Daily Responsibilities:Collaborate with product and engineering teams to embed security best practices into the software development lifecycle.Conduct threat modeling, security architecture evaluations, design assessments, and code reviews for new product initiatives. Perform penetration testing, vulnerability assessments, and security evaluations of product features and systems.Create and implement security automation tools to monitor and test code and software for vulnerabilities.Establish and maintain secure coding protocols and procedures tailored for cloud and Kubernetes environments.Proactively detect and mitigate risks in user-facing processes and critical infrastructure.Lead security education, training, and mentorship initiatives to cultivate a culture of security awareness across all teams.Identify and manage security vulnerabilities, ensuring they are documented, prioritized, and addressed promptly.Qualifications for Success:You possess 4-6+ years of experience in Information Security, with a specialization in application or product security.You have proficiency in cloud platforms such as AWS, GCP, or Azure, and expertise in Kubernetes orchestration as well as automation scripting (e.g., Python).

Become a pivotal part of our cybersecurity team as a Red Team Security Engineer at Astranis. In this role, you will have the opportunity to simulate sophisticated attacks on our systems, helping to identify vulnerabilities and strengthen our security framework. We are looking for innovative thinkers who can think like adversaries and enhance our defenses.

Astranis is on the forefront of satellite technology, developing advanced satellites designed for high orbits that expand humanity’s reach into the solar system. Our innovative satellites deliver dedicated, secure communication networks to a diverse range of clients, including large enterprises, sovereign governments, and the US military. With five satellites currently in orbit and numerous launches planned, we are proudly managing a backlog exceeding $1 billion in commercial contracts.Astranis is the go-to satellite communications partner for clients with rigorous demands for uptime, data security, and network customization. Having raised more than $750 million from some of the most recognized investors, including Andreessen Horowitz, Blackrock, and Fidelity, we boast a talented team of 450 engineers and entrepreneurs. Our operations are based in a state-of-the-art 153,000 sq. ft. facility in Northern California, USA.Senior Product Security EngineerAs a Senior Product Security Engineer at Astranis, you will leverage your extensive software engineering expertise with a strong focus on security. You will be tasked with designing and building secure systems, specializing in critical areas such as cryptography, Public Key Infrastructure (PKI), and zero trust architectures. Your role will encompass evaluating processes, operating systems, and applications from a security-first engineering perspective. While your primary responsibility will be to develop secure software, you will also play a key role in identifying vulnerabilities, conducting risk analyses, and leading thorough security reviews.

Join Airwallex as a Senior Product Security EngineerAt Airwallex, we are revolutionizing the payments and financial landscape for global enterprises. Our cutting-edge platform, built on robust proprietary technology, serves over 200,000 businesses globally, including industry leaders like Brex, Rippling, Navan, Qantas, and SHEIN. We offer a seamless suite of integrated solutions for business accounts, payments, spend management, treasury, and embedded finance.Founded in Melbourne, our diverse team of over 2,000 talented professionals operates out of 26 offices worldwide. With a valuation of $8 billion and backing from prominent investors like T. Rowe Price, Visa, Mastercard, and Sequoia, Airwallex is at the forefront of shaping the future of global finance. If you're eager to make a meaningful impact in your career, we invite you to be part of our ambitious journey.What We ValueWe seek builders with entrepreneurial spirit who thrive on making an impact and pursuing accelerated learning. If you possess strong expertise and analytical skills, and share our mission and operating principles, we want you on our team. You should possess a balance of speed and thoroughness, driven by curiosity and informed decision-making.Collaboration and humility are key; we expect you to transform innovative ideas into tangible products and drive projects to completion. Harnessing AI to enhance efficiency and solve challenges is part of our ethos. Here, you'll confront complex, high-stakes challenges alongside exceptional colleagues and advance your career as we pioneer the future of global banking. If this resonates with you, let’s create what’s next together.Your RoleAs a Senior Security Engineer at Airwallex, you will play a pivotal role within our Information Security team, collaborating closely with Infrastructure, Product, and Engineering teams across the organization. Reporting to the Product Security Engineering Manager, you will be instrumental in identifying, protecting, detecting, responding to, and recovering from cybersecurity threats.This dynamic, hands-on position requires expertise in designing, developing, and managing infrastructure projects, processes, and standards that safeguard our networks, systems, and applications.

About FaireFaire is a dynamic online wholesale marketplace that champions local entrepreneurship. We believe in the power of small, independent retailers who collectively generate more revenue than giants like Walmart and Amazon. Our mission is to empower these businesses through cutting-edge technology, data insights, and machine learning, enabling them to find unique products from around the world to offer in their stores. We strive to level the competitive field, allowing small businesses to thrive against larger corporations.By nurturing the growth of independent retailers, Faire is making a significant economic impact in communities worldwide. We are looking for talented, innovative, and dedicated individuals who share our passion for supporting local businesses. If you resonate with the values of community and collaboration, we invite you to be a part of our mission.Role Description:As a pivotal member of our Engineering organization, you will be at the forefront of developing the software that powers our marketplace. The Product Security team plays a crucial role in enabling our product engineering teams to build and deploy secure software solutions. We prioritize strong engineering practices and are passionate about writing scalable, maintainable, and secure code that successfully caters to millions of users. Our approach focuses on building reusable frameworks, consulting with product teams, leveraging data insights, and continuously iterating on our processes.In your role as a Senior Staff Software Engineer specializing in Product Security, you will take the lead in defining the technical vision for security practices across Faire’s application stack. You will collaborate closely with Platform and Product Engineering teams to identify and mitigate security vulnerabilities, spearhead critical security initiatives, and mentor fellow engineers to elevate secure engineering standards throughout the organization.Your efforts will also include leading cross-functional programs that integrate security deeply into our architecture, pipelines, and overall developer experience, ensuring a balanced approach that minimizes risk while maintaining development velocity.As a Senior Staff Software Engineer, Product Security, you will collaborate with us to:Establish a long-term technical strategy for application security at Faire, creating scalable and developer-friendly frameworks that facilitate secure development across all product domains.

Join Perplexity, a pioneering organization at the forefront of AI and technology, as we seek a talented and proactive Offensive Security Engineer. In this critical role, you will be part of our innovative security team, adopting an adversarial mindset to fortify our infrastructure, applications, and AI systems. Your expertise will drive red team operations, penetration tests, and attack simulations across various environments—including our cloud infrastructure, web, and mobile applications. You will actively identify vulnerabilities before they can be exploited by adversaries, collaborating closely with engineering teams to implement effective remediations.Key ResponsibilitiesPlan and execute red and purple team engagements, simulating advanced threat actors across our cloud services (AWS, Kubernetes), endpoints, and application surfaces.Conduct thorough and ongoing penetration testing of web applications, APIs, mobile clients, browser extensions, cloud infrastructure, and internal services.Evaluate AI/ML-specific attack surfaces, tackling challenges such as prompt injection, model exfiltration, agent abuse, tool exploitation, and security boundaries of MCP.Develop and maintain custom offensive security tools, exploits, and automation to enhance the efficiency and scope of security testing.Perform open-scope adversary simulations to test detection and response capabilities, working closely with the defensive security team.Lead threat modeling sessions with engineering teams to identify and prioritize potential attack vectors in new features and architectures.Provide clear and actionable insights to both technical and executive audiences, collaborating with engineering teams to validate remediation efforts.Contribute to securing CI/CD pipelines, ensuring supply chain integrity, and managing secrets through offensive assessments.Remain informed about emerging attack techniques, vulnerability research, and adversarial tactics, bringing fresh insights to Perplexity's security strategy.

Join Scale AI as a highly skilled Security Engineer in our Product Security team, where you will play a pivotal role in safeguarding the security and integrity of our products and services. This position involves conducting comprehensive code reviews, implementing security best practices, and shaping our overarching security strategy. Your proficiency in TypeScript, Python, AWS, CI/CD, SAST, DAST, and Terraform orchestration will be vital in detecting and addressing potential security threats. You will have the opportunity to analyze complex issues, identify root causes independently, and articulate the complexities and implications of security vulnerabilities, including their potential for exploitation and impact. Your responsibilities will include:Utilizing extensive product security knowledge to design and maintain software tools that secure every layer of the modern AI/ML software ecosystem.Conducting thorough code reviews to identify and rectify security vulnerabilities.Assessing and improving the security of our product offerings through RFC and service evaluations.Establishing and sustaining CI/CD pipelines with a strong emphasis on security.Executing Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST) to uncover vulnerabilities in production code.Employing Terraform orchestration to maintain secure and efficient infrastructure management.Advising engineering teams on developing robust, long-term solutions that prioritize security and privacy.Clearly communicating the mechanics and significance of security vulnerabilities, including their exploitability and potential consequences.Contributing to the security strategy and direction of the team, advocating for best practices and ongoing enhancements. Ideal candidates will possess:A proven track record of independently driving multi-month security initiatives, from problem identification to execution, with minimal oversight.Significant experience as a Security Engineer with an emphasis on product security.Proficiency in NodeJS, TypeScript, Python, and/or Kubernetes.A strong grasp of modern JavaScript application design.Practical experience in operating and securing AWS infrastructure at scale.Hands-on experience with SAST and DAST tools and methodologies.Familiarity with Terraform orchestration for managing infrastructure.Capability to analyze complex problems and identify root causes independently, providing actionable insights without managerial input.Exceptional communication skills, enabling clear presentation of technical concepts to diverse audiences.

About Our TeamAt OpenAI, our Safety Systems organization is dedicated to ensuring the responsible development and deployment of our most advanced AI models. We create robust evaluations, safeguards, and safety frameworks that guarantee our models operate as intended in real-world environments.The Preparedness team, an integral part of the Safety Systems organization, is guided by OpenAI’s Preparedness Framework.While frontier AI models hold the promise of benefiting humanity, they also introduce significant risks. The Preparedness team is tasked with monitoring and preparing for catastrophic risks associated with these advanced AI models to ensure they drive positive change.Our mission includes:Proactively monitoring and assessing the evolving capabilities of frontier AI systems, focusing on identifying catastrophic risks.Establishing concrete procedures, infrastructure, and partnerships to effectively mitigate these risks and manage the development of powerful AI systems safely.This dynamic and impactful role connects capability assessments, evaluations, internal red teaming, and mitigations for frontier models, playing a crucial role in our overall AGI preparedness efforts.About the PositionIn this pivotal role, you will spearhead the Automated Red Teaming (ART) initiative, developing scalable, research-driven systems that continuously identify failure modes in our AI models and implement actionable improvements. Your primary goal will be to minimize potential harm by identifying the most critical vulnerabilities early and reliably.Your ResponsibilitiesYou will direct the research and technical strategy for automated red teaming across critical risk areas, focusing initially on:Automated discovery of classifier jailbreak vulnerabilities (cybersecurity and biosecurity).Automated elicitation of bio threat-development scenarios (worst-case planning uplift).

About ValonValon is pioneering the AI-driven operating system for regulated finance, beginning with mortgage servicing. As a Series C company backed by a16z, we are revolutionizing sectors that many deemed too complex for innovation.Instead of relying on outdated legacy systems, we took an innovative route by developing and managing our own mortgage servicing business, overseeing over $110 billion in loans. This strategic choice has allowed us to gain profound insights into the complexities necessary to create software that genuinely functions in regulated industries.The results are remarkable. We've turned mortgage servicing from a 0% margin industry into one that boasts margins exceeding 60%, all while significantly enhancing customer satisfaction. Major enterprise contracts are now rolling out across the sector.ValonOS is our comprehensive platform that structures and automates every process, positioning us perfectly for the AI era. With a single system powered by rich data, our AI agents not only streamline tasks but also perpetually enhance overall operations. While mortgage servicing is our starting point, our vision extends to transforming regulated industries and beyond.Security at ValonOur clients entrust us with their most sensitive financial information, and our Security team’s foremost mission is to implement robust programs, processes, and automation to protect this data. We safeguard the infrastructure and data involved in processing billions of dollars in mortgage loans.Beyond protecting Valon’s internal systems, our Security team collaborates closely with Product and Engineering teams to design and deliver secure, scalable, and reliable features for ValonOS. We work cross-departmentally to embed security throughout the organization, regularly engaging with external security auditors, pentesting firms, and partners to continuously assess and enhance Valon’s security posture.Valon has offices in New York City and San Francisco, but we fully embrace remote work!

Join Astranis as a Senior Product Security Engineer, where you will play a pivotal role in safeguarding our innovative satellite technology. Your expertise will ensure that our products are secure from design through development and into deployment. Collaborate with cross-functional teams to implement security best practices, conduct risk assessments, and respond to security incidents effectively.

We are seeking a highly skilled Senior Security Engineer to join our innovative team at Decagon in San Francisco. In this pivotal role, you will be responsible for safeguarding our digital infrastructure and ensuring the security of our systems against potential threats. You will work closely with cross-functional teams to design and implement security solutions, conduct risk assessments, and develop incident response strategies.As a Senior Security Engineer, you will have the opportunity to leverage your expertise in security protocols, threat detection, and vulnerability management to enhance our security posture. Your contributions will be essential in creating a secure environment for our operations and clients.

Join ConduitAt Conduit, we are pioneering a crypto-native cloud platform designed to scale Ethereum, empowering creators in the crypto space.The limitations of on-chain computing have hindered crypto developers, preventing the creation of high-performance applications. Without the capacity for rapid and cost-effective transaction processing, the growth of on-chain ecosystems remains stunted.Rollups offer a transformative solution, facilitating scalability in web3 akin to the server networks that enhanced web2 computing. However, developing and managing a personalized rollup can be a complex and resource-intensive endeavor. This is where Conduit steps in.As a rollup-native cloud service, Conduit seamlessly integrates web2 engineering practices with cutting-edge web3 rollup technologies, simplifying the process for anyone to launch and manage their own chain. By streamlining infrastructure and maximizing on-chain computing, we aim to ignite the next wave of innovation within the crypto landscape.Since our launch in 2023, the Conduit platform has experienced exponential growth. We currently operate the largest production chains, including Proof of Play, Zora, Aevo, and many more, managing over 200 chains across mainnet and testnet with a total value locked (TVL) exceeding $1 billion. We are at the forefront of blockchain scalability, evolving alongside our clients and partners to push the boundaries of the technology.Our achievements have been bolstered by a successful $37M Series A funding round, co-led by Paradigm and Haun Ventures, two of the industry’s most respected investors.Our elite team comprises talented individuals from prestigious organizations such as Meta, Brex, Wish, Compound, Chainalysis, Immunefi, Amazon, Avara/Aave, Paradigm, and more. Headquartered in San Francisco, we have team members distributed globally.We are on the lookout for driven and skilled builders eager to help scale Ethereum and democratize crypto computing. Join us in this exciting journey!

Join Oleria Security as a Senior Product Marketing Lead in our San Francisco office, where you will play a pivotal role in shaping our marketing strategies and driving product adoption. This is an exciting opportunity for a talented individual with a passion for technology and a strategic mindset.You will collaborate closely with cross-functional teams, including product management, sales, and engineering, to develop and execute robust marketing initiatives. Your expertise in understanding customer needs and market dynamics will be instrumental in crafting compelling product narratives and positioning strategies.

At Bugcrowd, we have been revolutionizing the way organizations defend against cyber threats since 2012. Our patented Security Knowledge Platform™, powered by data and AI, harnesses the collective expertise of a trusted network of elite hackers. By identifying hidden vulnerabilities and adapting to ever-evolving threats, including zero-day exploits, we empower our clients to reclaim their security. With our innovative CrowdMatch™ technology, we provide unmatched scalability and precision in matching talent to your unique security challenges. Join us in creating a new era of modern crowdsourced security that stays ahead of threat actors. Explore more at www.bugcrowd.com. We are headquartered in San Francisco and New Hampshire, backed by leading investors like General Catalyst, Rally Ventures, and Costanoa Ventures.Job SummaryAs the Product Security Engineering Manager, you will be pivotal in shaping and executing our application security, platform security, and FedRAMP initiatives. You will lead and mentor a geographically diverse team of security engineers, passionate about embedding security into the engineering process and building secure-by-default systems. If you thrive in a hands-on role that empowers others, we would love to connect with you.

About LangChainLangChain is dedicated to making intelligent agents a common part of our daily lives. We provide the essential framework for agent engineering that enables developers to transition from experimental prototypes to production-ready AI agents that organizations can depend on. Having started as widely embraced open-source tools, we have evolved to also deliver a robust platform for the development, evaluation, deployment, and management of agents at scale.Our tools, including LangChain, LangGraph, LangSmith, and Agent Builder, are actively utilized by teams delivering tangible AI products across both startups and large corporations. Millions of developers rely on LangChain to empower AI teams at renowned companies such as Replit, Clay, Coinbase, Workday, Lyft, Cloudflare, Harvey, Rippling, Vanta, and 35% of the Fortune 500.With $125M raised in our Series B funding round from prominent investors including IVP, Sequoia, Benchmark, CapitalG, and Sapphire Ventures, we are at a pivotal point of innovation, accelerating growth, and empowering every team member to have a significant impact on our products and collaborative culture. At LangChain, your contributions can truly influence how this technology integrates into the real world.About the RoleAs the hands-on security lead, you will work closely with our core product teams to ensure the security of agent workloads from end to end, encompassing everything from SDK to LangSmith/Graph services and customer integrations. You will be responsible for defining our security roadmap, achieving immediate hardening wins, and elevating the standards for how AI infrastructure is secured in production. We are seeking engineers with expertise in either cloud/infrastructure security or application security (expertise in both is a significant advantage!).Lead product & platform security: Design and implement application/infrastructure security controls across LangSmith, LangGraph, and the LangChain SDK ecosystem (Python/TS/Go).Implement secure-by-default authentication and authorization: Enhance SSO/SAML/OIDC/SCIM, manage token lifecycles, establish service-to-service authentication, and ensure tenant isolation for both cloud and self-hosted customers.Vulnerability management: Oversee scanning, triage, and patching SLAs; coordinate with engineering teams to ensure swift remediation without delaying delivery.Develop secure code, conduct reviews, and create tools: Implement secure design principles, write pull requests, execute penetration tests, and introduce lightweight checks (linters, dependency/supply-chain scanning, SBOM/SLSA provenance) to facilitate security at scale.Enhance hardening & operations: Focus on network segmentation/Zero Trust, Kubernetes posture management, secrets management, key rotation, least-privilege IAM, and egress controls.

Employee Applicant Privacy Notice About SoFi SoFi is a national bank and financial services provider focused on helping millions of members achieve their financial goals. The company builds mobile-first technology that empowers users to take control of their finances. SoFi’s work directly impacts people’s lives and shapes the financial industry. Core values guide the team as they work to improve both careers and the broader financial landscape. Role Overview The Security Product Lead for Product & AI Security sets the strategy, roadmap, and measurable outcomes for securing SoFi’s product lifecycle and supporting AI/ML initiatives. This position sits within the Security Strategy & Delivery team and works closely with leaders and teams in Product Security, Engineering, and Data Science/AI. Main Responsibilities Define and communicate the strategic direction for Product Security and AI Security as internal security products. Align security initiatives with enterprise risk priorities. Develop and maintain a clear roadmap for security capabilities. Establish and track key performance indicators (KPIs) to measure success. Implement structured program governance for security initiatives. Collaborate across teams to integrate security controls throughout the software development lifecycle (SDLC). Address unique risks associated with AI/ML systems. Influence stakeholders and drive alignment without direct authority. Help protect member trust, company assets, and support business stability and growth. Location Roles are available in Seattle, WA; Cottonwood Heights, UT; San Francisco, CA; New York City, NY; and Frisco, TX.

Join Our Team as a Senior Security EngineerAt LiteLLM, the leading AI Gateway trusted by industry giants such as Adobe, Netflix, and NASA, we empower developers with secure and reliable access to LLMs and associated services. We are seeking a talented Senior Security Engineer to establish robust security measures and observability tools as we scale our platform.Your Role:Become a cornerstone of our security team as our inaugural Security Engineer, tackling pivotal security challenges head-on.Key Responsibilities:Perform in-depth security assessments of the LiteLLM proxy codebase to uncover potential supply chain vulnerabilities.Develop and manage automated security scans for our Docker images, PyPI packages, and CI/CD workflows (including dependency scanning and secrets detection).Create and enforce secure-by-default configurations for both cloud and self-hosted environments (API authentication, IAM least privilege, key rotation).Implement and oversee intrusion detection systems and alerts tailored to model and API usage patterns.Lead incident response efforts and post-mortem analyses, including vulnerability assessments and stakeholder communication.Establish a formal CVE triage and disclosure protocol in collaboration with the engineering team.Conduct internal red teaming and adversarial testing to simulate real-world attacks and enhance our defenses.Collaborate with engineering teams to fortify release pipelines (signed builds, provenance checks, reproducible builds).Develop secure coding standards and conduct regular training sessions for developers focused on supply chain and dependency management.Maintain and update threat models as LiteLLM’s products and architecture evolve.

About SentryAt Sentry, we are dedicated to eradicating bad software. Our mission is to empower developers to create better software more efficiently, allowing everyone to enjoy technology once more.With over $217 million in funding and a community of more than 100,000 organizations, including industry leaders like Disney, Microsoft, and Atlassian, we are at the forefront of building performance and error monitoring tools that minimize bug fixing and maximize product development.We embrace a hybrid work model across our global teams, designating Mondays, Tuesdays, and Thursdays as in-office days to foster collaboration. If you are passionate about creating tools that enhance the digital experience, join us in developing the next generation of software monitoring solutions.About The RoleOur security team is committed to safeguarding every aspect of Sentry, from our customer data to our internal code. As a Senior Security Engineer, you will be integral to our mission of enhancing security across our application and Kubernetes platform. Collaborating with engineering teams, you will help strengthen Sentry’s cloud security posture through strategic architecture, threat modeling, and hands-on coding when necessary.Key ResponsibilitiesLead critical initiatives aimed at addressing significant security challenges, from conceptualization to execution.Collaborate on cross-departmental objectives to drive security goals forward.Conduct research and assess new technologies that can bolster our security framework with a focus on scalability.Identify vulnerabilities within our systems and data while developing and implementing robust protective measures.Support cross-functional teams in integrating security solutions that adhere to Secure-by-Design principles.Ideal Candidate AttributesDesire to be a foundational member of an agile, engineering-centric security team.Enjoy collaborating with enthusiastic security, application, platform, and infrastructure engineers eager to innovate.Passionate about advancing security practices to enhance software quality.

Join Astranis as a Product Security Engineer and play a crucial role in safeguarding our cutting-edge technology and systems. You will work collaboratively with cross-functional teams to identify vulnerabilities, implement security measures, and ensure the integrity of our products. Your expertise will help us maintain the highest security standards while delivering innovative solutions.

At Crusoe, our mission is to accelerate the abundance of energy and intelligence. We are developing cutting-edge technology that empowers individuals to create ambitiously with AI, ensuring that we do not compromise on scale, speed, or sustainability.Join us in driving the AI revolution through sustainable technology. At Crusoe, you will lead significant innovations, make a real impact, and collaborate with a team that is at the forefront of responsible and transformative cloud infrastructure.About This RoleCrusoe is establishing the foundational infrastructure for the future of AI and high-performance computing. We are in search of a talented individual who is committed to building security into our systems from the ground up. As a member of the Product Security team, you will not only secure our future but actively contribute to building it. You will work closely with engineering teams, deploy production code, design secure architectures, and establish the security foundations necessary to safeguard our platform at scale. This is a high-impact role where you will influence security practices across the company, enabling teams to choose the secure path effortlessly.We are looking for a Senior Product Security Software Engineer who excels as a software engineer with expertise in AI. You will design secure systems, create security controls that integrate smoothly into developer workflows, and elevate the security standards across our AI infrastructure and distributed systems while maintaining a pragmatic, delivery-focused approach.