2 months ago
Responsibilities
- Own product security end to end, including threat modeling and secure design reviews.
- Build secure SDLC practices that engineers follow, including security requirements and CI checks.
- Drive multi-tenant and data boundary safety, including secrets handling and key management.
- Partner with Engineering leaders to integrate security into the development process.
- Own SOC 2 compliance programs, including control design and implementation.
- Lead audits and external reviews with minimal disruption to engineering teams.
- Manage product security incident readiness and vulnerability management.
- Communicate and coordinate during security incidents to ensure accountability.
Requirements
- 8+ years in security engineering, product security, or platform security roles.
- 4+ years owning security architecture or security programs for a production SaaS product.
- Deep product security background in modern cloud systems, ideally multi-tenant SaaS.
- Strong engineering skills to review designs and drive pragmatic solutions.
- Experience building security and compliance programs in high growth environments.
- Calm operator during incidents with strong communication skills.
- Comfortable defining the security role in partnership with leadership.
