Senior Product Security Engineer

🕒 vor 1 Monat

🇺🇸 Vereinigte Staaten – Remote

💵 $152.000 - $224.000 / Jahr

⏰ Vollzeit

🟠 Senior

👮‍♂️ IT-Sicherheitsingenieur

🦅 H1B-Visum-Sponsor

Dieses Unternehmen hat in der Vergangenheit H1B-Visa gesponsert.

Jetzt Bewerben

Ähnliche Remote-Jobs finden

E-Mails für Remote-Jobs erhalten

📊 Überprüfen Sie Ihre Lebenslauf-Bewertung für diese Stelle

Verbessern Sie Ihre Chancen auf ein Vorstellungsgespräch, indem Sie Ihre Lebenslauf-Bewertung vor der Bewerbung überprüfen.

Lebenslauf hochladen

Life360

WebsiteLinkedInAlle Stellen

201 - 500 Mitarbeiter

Gegründet 2008

👥 B2C

📡 Telekommunikation

💰 Post-IPO Equity im 2022-11

B2C • Safety • Telecommunications

Life360 ist eine führende App für Familiensicherheit, die eine umfassende Palette von Diensten für Standort- und digitale Sicherheit bietet. Mit Life360 können Benutzer mühelos ihren Standort teilen, ihre Telefone verfolgen und Sicherheitsmaßnahmen beim Fahren verwalten, einschließlich Unfallerkennung und 24/7 Pannenhilfe. Die App beinhaltet Funktionen zur digitalen Sicherheit, wie Identitätsschutz und SOS-Benachrichtigungen, um Sicherung und Prävention für jedes Familienmitglied zu gewährleisten. Die Pläne von Life360, zu denen kostenlose, Gold- und Platin-Optionen gehören, sind darauf ausgelegt, verschiedene Bedürfnisse zu erfüllen und bieten Sicherheit durch fortschrittliche Sicherheits- und Koordinationstools. Die App wird von Millionen von Nutzern vertraut und ist in den App-Stores für ihre Effizienz und Zuverlässigkeit hoch bewertet, wenn es darum geht, Familienmitglieder zu verbinden und deren Sicherheit zu gewährleisten.

Beschreibung

• Conduct security architecture reviews across mobile (iOS/Android), backend (Java, Python, PHP), data pipelines, and third-party integrations. You're the security partner teams come to during design, not after. • Translate threat models and security requirements into pragmatic guidance engineers can act on. • Build trusted relationships with product and platform engineering teams • Further operationalize and tune ASPM tooling (Cycode) to unify SAST, SCA, secret scanning, and container security into actionable signal, not noise. • Build security-as-code patterns and pre-approved libraries that make the secure path the default path. • Automate vulnerability triage, deduplication, and routing so the team spends time on judgment, not toil. • Drive SLA-based remediation workflows with clear severity definitions, ownership, and escalation paths. • Build metrics that translate security posture into language engineering leadership and executives can use. • Partner on design reviews for AI-powered features: model access controls, data boundary enforcement, and retrieval system authorization. • Contribute to securing agent workflows, MCP integrations, and shared AI tooling as adoption scales across engineering. • Work with Privacy, Legal, and Data Platform on controls for sensitive data: real-time location, family relationships, and data involving minors.

🎯 Anforderungen

• 5+ years in application security, product security, or DevSecOps with a track record of shipping controls that earn adoption, not just approval. • Hands-on builder. You define secure patterns, write code, and deliver tooling that holds up in production. You're a practitioner, not just an advisor. • Experience conducting threat models and security architecture reviews across mobile (iOS/Android), cloud (AWS/GCP), and backend services (Java, Python, PHP). You catch design flaws that automated tools miss. • Practical experience securing AI/ML systems. You've worked with prompt pipelines, RAG architectures, model access controls, or agentic workflows and understand the trust, authorization, and data boundary problems they introduce. • Working knowledge of ASPM platforms and security tooling: SAST, SCA, secret scanning, container scanning. You've tuned these to produce signal, not noise. • Familiarity with CI/CD security integration. You've built security into pipelines without breaking developer velocity. • Solid grounding in secure development practices: OWASP Top 10, OWASP LLM Top 10, secure-by-design principles, and practical remediation guidance. • Comfort with ambiguity. You're energized by first-draft standards, testing approaches, and scaling what works rather than waiting for a playbook. • Strong cross-functional communication. You carry risk, tradeoffs, and technical decisions across engineering, product, and leadership without losing precision. You can reshape a risky decision clearly and constructively.

🏖️ Vorteile

• Competitive pay and benefits • Medical, dental, vision, life and disability insurance plans (100% paid for employees) • 401(k) plan with company matching program • Mental Wellness Program & Employee Assistance Program (EAP) for mental well-being • Flexible PTO, 13 company-wide days off throughout the year • Winter and Summer Weeklong Synchronized Company Shutdowns • Learning & Development programs • Equipment, tools, and reimbursement support for a productive remote environment • Free Life360 Platinum Membership for your preferred circle • Free Tile Products