Airtable

Product Security Engineer

Engineering | Full-time | San Francisco, CA; New York, NY; Remote (Seattle, WA only)

Salary: Not specified
Work type: Remote
Job type: Full-time
Industry: General

About the role

What you'll do

  • Develop self-service security frameworks and "paved roads" that allow engineering teams to ship secure code by default.
  • Focus on automated guardrails for common vulnerabilities, while prioritizing deep-dive design reviews into complex business logic and data isolation issues (for example, multi-tenant isolation and authorization/permission bypasses) that automated tools cannot catch.
  • Partner with product and engineering teams to review designs early, contribute to threat modeling for new features and complex initiatives, and provide clear, actionable security guidance.
  • Research emerging threats and evolving best practices, specifically regarding AI and LLM safety, and implement controls to secure these workflows.
  • Manage and evolve our approach to external penetration testing and bug bounties, driving remediation for findings and treating vulnerability management as an engineering problem.
  • Contribute to the long-term roadmaps, metrics, and strategic planning for the security team.
  • (Senior/Staff L5+) Lead complex threat modeling sessions for major product launches, define secure coding standards, and actively mentor other engineers to raise the technical security bar across the organization.

Who you are

  • 4+ years of experience in product security or application security, with experience shipping production code. Please note this is not an early career position.
  • You have a strong background in computer science or a related field, with proficiency in writing clean, maintainable code.
  • You have deep familiarity with JavaScript or TypeScript, Node.js, and modern web application frameworks, and can reason about the security implications of systems built on them.
  • You have hands-on experience securing LLM integrations and identifying prompt injection or data leakage risks.
  • You are proficient in writing and reviewing code and treat security as an engineering problem to be solved with software, not just policies.
  • You excel at communicating complex security risks to non-security stakeholders and enjoy collaborating cross-functionally to find solutions that balance security with engineering velocity.
  • You are comfortable working in a fast-paced environment, navigating ambiguity, continuously learning about emerging threats and technologies, and contributing to long-term security strategy.