Security Engineer – Product Security

Job not on LinkedIn

November 25

Apply Now

Receive Emails with Similar Jobs

JetBrains

WebsiteLinkedInAll Job Openings

B2B • SaaS • Artificial Intelligence

JetBrains is a software company that builds professional developer tools and integrated development environments (IDEs) — including IntelliJ IDEA, PyCharm, WebStorm, Rider, and others — plus team and CI/CD tools like TeamCity, YouTrack, Datalore, and code-quality services. The company also offers AI-powered developer features (Junie, AI Assistant, AI Enterprise), a marketplace for plugins, educational offerings (JetBrains Academy, courses, free licenses for students/teachers), and enterprise services for managing developer tooling at scale. JetBrains focuses on improving developer productivity, collaboration, and code quality for individual developers and organizations worldwide.

1001 - 5000 employees

Founded 2000

🤝 B2B

☁️ SaaS

🤖 Artificial Intelligence

📋 Description

• Conduct security tests and reviews of all JetBrains web and desktop products, including features, designs, architecture, and code. • Perform threat modeling and risk assessments for new features, components, and integrations. • Establish and improve SSDLC and Application Security processes across product teams. • Research and address new attack vectors and threats, and help design effective defenses. • Help to develop, integrate, and maintain security pipelines and tools that embed security controls into the development workflow or automate manual, time-consuming tasks. • Research and implement AI/LLM-based approaches for security automation. • Investigate and triage vulnerability reports submitted by external researchers. • Collaborate with product teams, providing security guidance, vision, and practical solutions. • Contribute to security awareness by creating and maintaining security guidelines and best practices, delivering talks, and designing CTF challenges.

🎯 Requirements

• Proven experience in Application Security and/or Penetration Testing. • Solid knowledge of Web Application Security principles, common attacks, and OWASP TOP 10. • A degree in computer science, information technology, or equivalent experience. • A strong command of English with excellent written communication skills. • Strong experience in vulnerability analysis and proof-of-concept development. • An understanding of cloud security fundamentals (AWS, GCP, and Azure). • An understanding of the modern software development lifecycle (code reviews, CI, CI-based controls, CD, and packaging) • Experience in secure coding and conducting effective security-focused code reviews. • An analytical and problem-solving mindset, with the ability to work both independently and in a team.

🏖️ Benefits

• Flexible work arrangements • Professional development