Senior Product Security Engineer

🕒 il y a 27 jours

🇺🇸 États-Unis – Télétravail

💵 $152 000 - $224 000 / an

⏰ Temps Plein

🟠 Senior

👮‍♂️ Cybersécurité / Ingénieur Sécurité

🦅 Parrain de Visa H1B

Cette entreprise a parrainé des visas H1B par le passé.

Postuler Maintenant

Trouver des Emplois à Distance Similaires

Recevoir des emails pour des emplois à distance

📊 Vérifiez votre score de CV pour ce poste

Améliorez vos chances d'obtenir un entretien en vérifiant votre score de CV avant de postuler.

Télécharger le CV

Life360

Site WebLinkedInTous les Emplois

201 - 500 employés

Fondée en 2008

👥 B2C

📡 Télécommunications

💰 Post-IPO Equity en 2022-11

B2C • Safety • Telecommunications

Life360 est une application de sécurité familiale de premier plan qui offre une gamme complète de services pour la sécurité de localisation et numérique. Avec Life360, les utilisateurs peuvent partager leur localisation sans effort, suivre leurs appareils et gérer les mesures de sécurité routière, y compris la détection des accidents et l'assistance routière 24/7. L'application inclut des fonctionnalités pour la sécurité numérique, telles que la protection contre le vol d'identité et les alertes SOS, garantissant ainsi la protection et la prévention de chaque membre de la famille. Les forfaits de Life360, qui incluent des options gratuite, Gold et Platinum, sont conçus pour répondre à divers besoins, offrant une tranquillité d'esprit grâce à des outils avancés de sécurité et de coordination. L'application est appréciée par des millions d'utilisateurs et est hautement notée sur les stores pour son efficacité et sa fiabilité à connecter les membres de la famille et assurer leur sécurité.

Description

• Conduct security architecture reviews across mobile (iOS/Android), backend (Java, Python, PHP), data pipelines, and third-party integrations. You're the security partner teams come to during design, not after. • Translate threat models and security requirements into pragmatic guidance engineers can act on. • Build trusted relationships with product and platform engineering teams • Further operationalize and tune ASPM tooling (Cycode) to unify SAST, SCA, secret scanning, and container security into actionable signal, not noise. • Build security-as-code patterns and pre-approved libraries that make the secure path the default path. • Automate vulnerability triage, deduplication, and routing so the team spends time on judgment, not toil. • Drive SLA-based remediation workflows with clear severity definitions, ownership, and escalation paths. • Build metrics that translate security posture into language engineering leadership and executives can use. • Partner on design reviews for AI-powered features: model access controls, data boundary enforcement, and retrieval system authorization. • Contribute to securing agent workflows, MCP integrations, and shared AI tooling as adoption scales across engineering. • Work with Privacy, Legal, and Data Platform on controls for sensitive data: real-time location, family relationships, and data involving minors.

🎯 Exigences

• 5+ years in application security, product security, or DevSecOps with a track record of shipping controls that earn adoption, not just approval. • Hands-on builder. You define secure patterns, write code, and deliver tooling that holds up in production. You're a practitioner, not just an advisor. • Experience conducting threat models and security architecture reviews across mobile (iOS/Android), cloud (AWS/GCP), and backend services (Java, Python, PHP). You catch design flaws that automated tools miss. • Practical experience securing AI/ML systems. You've worked with prompt pipelines, RAG architectures, model access controls, or agentic workflows and understand the trust, authorization, and data boundary problems they introduce. • Working knowledge of ASPM platforms and security tooling: SAST, SCA, secret scanning, container scanning. You've tuned these to produce signal, not noise. • Familiarity with CI/CD security integration. You've built security into pipelines without breaking developer velocity. • Solid grounding in secure development practices: OWASP Top 10, OWASP LLM Top 10, secure-by-design principles, and practical remediation guidance. • Comfort with ambiguity. You're energized by first-draft standards, testing approaches, and scaling what works rather than waiting for a playbook. • Strong cross-functional communication. You carry risk, tradeoffs, and technical decisions across engineering, product, and leadership without losing precision. You can reshape a risky decision clearly and constructively.

🏖️ Avantages

• Competitive pay and benefits • Medical, dental, vision, life and disability insurance plans (100% paid for employees) • 401(k) plan with company matching program • Mental Wellness Program & Employee Assistance Program (EAP) for mental well-being • Flexible PTO, 13 company-wide days off throughout the year • Winter and Summer Weeklong Synchronized Company Shutdowns • Learning & Development programs • Equipment, tools, and reimbursement support for a productive remote environment • Free Life360 Platinum Membership for your preferred circle • Free Tile Products