Staff Product Security Engineer

🔥 1 hour ago

🇺🇸 United States – Remote

💵 $165k - $200k / year

⏰ Full Time

🔴 Lead

👮‍♂️ Cybersecurity / Security Engineer

🦅 H1B Visa Sponsor


Greenlight

201 - 500 employees

Founded 2014

💳 Fintech

📚 Education

👥 B2C

💰 $260M Series D on 2021-04

Greenlight is a financial technology company dedicated to providing financial literacy tools and experiences for families, particularly focusing on children and teens. It offers a debit card specifically designed for kids, supported by an app that allows parents to monitor spending, automate allowances, and set savings goals. Greenlight facilitates a comprehensive learning experience by incorporating chores management, investing opportunities, and a financial education game that teaches real-world money skills. It also includes safety features such as location sharing and driving alerts to keep families connected and secure. Through partnerships with banks, the app provides various customizable plans that encourage smart financial habits from an early age.

📋 Description

• Lead security architecture/design reviews and threat modeling sessions with product and engineering teams using STRIDE, PASTA and attack tree methodologies.
• Translate threats into actionable, risk-rated engineering remediations prioritized by severity.
• Conduct hands-on penetration testing and security assessments across our full product stack, producing actionable reports for engineering and leadership.
• Red-team our AI-powered products and development tools to test for prompt injection, data exfiltration, MCP server exploitation, and tool misuse.
• Drive PSIRT operations by triaging incoming vulnerability reports, leading technical investigations, coordinating remediation with engineering, scoring severity (CVSS), and managing coordinated disclosure with external researchers and on-call incidents.
• Shape the posture of our AI-assisted development environment by defining and enforcing enterprise policies for Claude and Cursor.
• Champion security culture by running developer training on secure coding with AI assistants, evangelizing security by design for products, and ensuring every engineer understands that product security is an enabler and not a gate.

🎯 Requirements

• 10+ years of product security experience spanning application security, cloud security, and secure SDLC.
• Expert-level threat modeling using STRIDE, PASTA or equivalent across web, mobile, cloud, embedded and AI systems.
• Hands-on penetration testing skills across applications, APIs, cloud infrastructure, and hardware/firmware.
• PSIRT operational experience from vulnerability intake and triage.
• Deep, hands-on AI security expertise, expert-level understanding of the OWASP Top 10 for LLM, API, Web and Mobile, and practical experience with MITRE.
• Strong hands-on experience with security tools (SAST, DAST, SCA) and with securing AI development tools, specifically Claude and Cursor.
• Strong programming ability and the capability to review code, build security tools, automate workflows and be credible with the engineering teams you partner with.
• Deep technical knowledge of CI/CD pipelines and relevant tools for web and mobile applications.
• Strong knowledge of programming languages and frameworks (i.e. Node.js, Java/Kotlin, React, Redux, Swift, SwiftUI), cloud technologies and infrastructure (i.e. AWS, GCP, Kubernetes, Ambassador, Helm), and databases (i.e. MySQL, DynamoDB, Redis).

🏖️ Benefits

• Medical, dental, vision, and HSA match
• Paid life insurance, AD&D, and disability benefits
• Traditional 401k with company match
• Unlimited PTO
• Paid company holidays and pop-up bonus holidays
• Professional development stipends
• Mental health resources
• 1:1 financial planners
• Fertility healthcare
• 100% paid parental and caregiving leave, plus cleaning service and meals during your leave
• Flexible WFH, both remote and in-office opportunities
• Fully stocked kitchen, catered lunches, and occasional in-office happy hours
• Employee resource groups
