Senior Product Security Engineer

The Role

We're seeking a Senior Product Security Engineer who is passionate about building and scaling robust security programs in an AI-forward engineering environment. Reporting to our Head of IT Operations & Information Security, you'll lead efforts to mature our product security initiatives at a pivotal moment of product expansion, ensuring security keeps pace as our developers increasingly leverage AI in their workflows.

A core part of this role is using AI and automation as force multipliers, building security tooling, guardrails, and review processes that scale to match the velocity of AI-assisted development across our engineering org.

Key Responsibilities

• Product Security Leadership: Partner with product and engineering teams to integrate security throughout the development lifecycle and drive security initiatives across our stack.
• AI-Augmented Security: Leverage AI and automation to scale product security coverage, matching the pace of AI-assisted development across engineering.
• Security Architecture: Design and implement security controls and architecture that scale with our growing product portfolio.
• Threat Modeling & Risk Assessment: Conduct comprehensive security reviews and threat modeling to identify and mitigate potential vulnerabilities, including risks introduced by AI-generated code and AI-powered features.
• Vulnerability Management: Contribute to our vulnerability management program, including triaging bug bounty and vulnerability disclosure reports and driving remediation efforts.
• Security Automation: Develop and implement automated security testing, monitoring, and response capabilities, using Tines itself, plus AI-driven tooling, to eliminate manual toil.
• Security Incident Response: Serve as an incident responder during security events and lead post-incident reviews.
• Security Education: Champion security awareness and provide technical guidance to engineering teams, including best practices for secure AI-assisted development.

Qualifications

• 8+ years of experience in application or product security roles, with demonstrated expertise in securing cloud-native applications.
• Strong understanding of modern application security principles, OWASP Top 10, and secure SDLC practices.
• Experience leveraging AI and automation to scale security programs.