Senior Product Security Engineer – Customer Platform

🕒 May 15

🇺🇸 United States – Remote

💵 $180k - $230k / year

⏰ Full Time

🟠 Senior

👮‍♂️ Cybersecurity / Security Engineer

🦅 H1B Visa Sponsor

This company has sponsored H1B visas in the past.

Apply Now

Find Similar Remote Jobs

Receive Emails For Remote Jobs

📊 Check your resume score for this job

Improve your chances of getting an interview by checking your resume score before you apply.

Upload Resume

Valon

WebsiteLinkedInAll Job Openings

51 - 200 employees

Founded 2019

💸 Finance

💳 Fintech

🏠 Real Estate

Finance • Fintech • Real Estate

Valon is a residential mortgage servicer, lender, and insurance agency focused on empowering homeowners. The company offers a wide range of services to manage mortgages, provide loans, and offer insurance solutions to homeowners. Valon aims to simplify the process of homeownership through ease, security, and financial expertise, utilizing modern technology to deliver personalized and streamlined services. With a mission to transform the traditional mortgage industry, Valon provides convenient and intuitive platforms for managing mortgages and accessing financial resources, striving for high-quality customer service and competitive rates.

📋 Description

• Define and evolve product security architecture for Valon’s multi-tenant SaaS platform • Support secure implementation of customer-facing security capabilities in conjunction with Engineering (e.g., authentication / authorization models, identity integration, access controls, audit and logging, encryption / key management) • Build and maintain security reference architectures and standardized secure design patterns for product teams • Lead threat modeling, security design and code reviews for new features, services, and major architectural changes • Design and build AI-assisted workflows that automate and accelerate product security areas • Evaluate AI risks across internal and external applications • Collaborate with Product, Engineering, Data, Compliance, Legal, and other teams to identify and drive mitigation for product and data security risks • Support vulnerability triage, remediation strategy, and root cause analysis for product security issues • Support security compliance and regulatory needs (e.g., SOC 2, CCPA, NYDFS, FTC), including customer-facing security discussions and due diligence • Develop, implement, and enforce security policies, standards, and procedures • Support operational activities including security advisory and consultative reviews, incident response, issue remediation, and other security processes

🎯 Requirements

• Focused experience in product security, application security, or security architecture roles, with ownership of security design for SaaS platforms including multi-tenancy and customer-facing security capabilities. • Strong background in cloud security and modern infrastructure, with hands-on experience securing cloud environments (GCP preferred). • Experience in SaaS IAM and tenant security (e.g., authentication/authorization, RBAC, SSO/SAML/OIDC, SCIM, MFA, audit logs). • Expertise in designing secure platform controls (e.g., APIs, service-to-service auth, encryption/KMS/CMEK, logging/monitoring) • Demonstrated ability to build and maintain security reference architectures. • Strong experience leading threat modeling and security design reviews including security-focused code reviews. • Applied knowledge with industry security and compliance frameworks (OWASP, NIST, CIS, SOC 2/ISO 27001 concepts) • Highly hands-on engineer with proven ability to operate autonomously, drive multiple complex cross-functional efforts, and influence independently. • Excellent communication and collaboration skills, including the ability to explain complex security concepts to both technical and non-technical stakeholders. • Prior software engineering experience and/or coding ability (Python) is preferred. • Experience working in high-growth or startup environments is a plus. • 5+ years in security engineering roles focused on product, application, and/or cloud security • Bachelor's degree in Information Security, Computer Science, Technology or related field • Relevant security certifications (e.g., CISSP, CISM, CCSK, CCSP or similar)

🏖️ Benefits

• Competitive salary with a meaningful stake in the company via equity, and 401k plan • We’ll invest in your physical and mental well-being with comprehensive medical, dental, & vision benefits • We offer pre-tax deductions for public transportation, rideshare services, and parking expenses to make your commute more affordable and convenient • Company wide orientation for you to successfully onboard and other learning & development opportunities including regular review cycles that feature 360 degree feedback • Quarterly budgets for team and company outings. Use it for team swag, cooking classes, or team dinners! • Flexible paid time off, sick days, and 11 company holidays • 12 weeks off for both birthing and non-birthing parents - fully paid so you can focus your energy on your newest addition