Senior Product Security Engineer

🕒 Maio 13

🇺🇸 Estados Unidos – Remoto (EUA)

💵 $152.000 - $224.000 / ano

⏰ Tempo Integral

🟠 Sênior

👮‍♂️ Cibersegurança / Engenheiro de Segurança

🦅 Patrocina Visto H1B

Esta empresa já patrocinou vistos H1B no passado.

Candidatar-se

Encontrar Vagas Remotas Similares

Receber Emails de Vagas Remotas

📊 Verifique sua pontuação de currículo para esta vaga

Melhore suas chances de conseguir uma entrevista verificando sua pontuação de currículo antes de se candidatar.

Enviar Currículo

Life360

SiteLinkedInTodas as Vagas

201 - 500 funcionários

Fundada em 2008

👥 B2C

📡 Telecomunicações

💰 Post-IPO Equity em 2022-11

B2C • Safety • Telecommunications

A Life360 é um aplicativo líder em segurança familiar que oferece um conjunto abrangente de serviços para segurança digital e de localização. Com a Life360, os usuários podem compartilhar sua localização facilmente, rastrear seus telefones e gerenciar medidas de segurança de direção, incluindo detecção de acidentes e assistência na estrada 24 horas por dia, 7 dias por semana. O aplicativo inclui recursos para segurança digital, como proteção contra roubo de identidade e alertas SOS, garantindo proteção e prevenção para cada membro da família. Os planos da Life360, que incluem opções gratuitas, Gold e Platinum, são projetados para atender diversas necessidades, oferecendo tranquilidade com ferramentas avançadas de segurança e coordenação. O aplicativo é confiado por milhões de usuários e altamente avaliado nas lojas de aplicativos por sua eficiência e confiabilidade na conexão entre membros da família e garantia de sua segurança.

Descrição

• Conduct security architecture reviews across mobile (iOS/Android), backend (Java, Python, PHP), data pipelines, and third-party integrations. You're the security partner teams come to during design, not after. • Translate threat models and security requirements into pragmatic guidance engineers can act on. • Build trusted relationships with product and platform engineering teams • Further operationalize and tune ASPM tooling (Cycode) to unify SAST, SCA, secret scanning, and container security into actionable signal, not noise. • Build security-as-code patterns and pre-approved libraries that make the secure path the default path. • Automate vulnerability triage, deduplication, and routing so the team spends time on judgment, not toil. • Drive SLA-based remediation workflows with clear severity definitions, ownership, and escalation paths. • Build metrics that translate security posture into language engineering leadership and executives can use. • Partner on design reviews for AI-powered features: model access controls, data boundary enforcement, and retrieval system authorization. • Contribute to securing agent workflows, MCP integrations, and shared AI tooling as adoption scales across engineering. • Work with Privacy, Legal, and Data Platform on controls for sensitive data: real-time location, family relationships, and data involving minors.

🎯 Requisitos

• 5+ years in application security, product security, or DevSecOps with a track record of shipping controls that earn adoption, not just approval. • Hands-on builder. You define secure patterns, write code, and deliver tooling that holds up in production. You're a practitioner, not just an advisor. • Experience conducting threat models and security architecture reviews across mobile (iOS/Android), cloud (AWS/GCP), and backend services (Java, Python, PHP). You catch design flaws that automated tools miss. • Practical experience securing AI/ML systems. You've worked with prompt pipelines, RAG architectures, model access controls, or agentic workflows and understand the trust, authorization, and data boundary problems they introduce. • Working knowledge of ASPM platforms and security tooling: SAST, SCA, secret scanning, container scanning. You've tuned these to produce signal, not noise. • Familiarity with CI/CD security integration. You've built security into pipelines without breaking developer velocity. • Solid grounding in secure development practices: OWASP Top 10, OWASP LLM Top 10, secure-by-design principles, and practical remediation guidance. • Comfort with ambiguity. You're energized by first-draft standards, testing approaches, and scaling what works rather than waiting for a playbook. • Strong cross-functional communication. You carry risk, tradeoffs, and technical decisions across engineering, product, and leadership without losing precision. You can reshape a risky decision clearly and constructively.

🏖️ Benefícios

• Competitive pay and benefits • Medical, dental, vision, life and disability insurance plans (100% paid for employees) • 401(k) plan with company matching program • Mental Wellness Program & Employee Assistance Program (EAP) for mental well-being • Flexible PTO, 13 company-wide days off throughout the year • Winter and Summer Weeklong Synchronized Company Shutdowns • Learning & Development programs • Equipment, tools, and reimbursement support for a productive remote environment • Free Life360 Platinum Membership for your preferred circle • Free Tile Products