Chainguard · 2 days ago

Senior Product Security Engineer

$157,000–$184,000 / year

Remote · United States

Type: Full Time
Level: Senior Level
Education: Not Specified
Company size: Startup
Industry: Cybersecurity Software

Job Summary

The Senior Product Security Engineer will embed in secure software pipelines, building and hardening CI/CD processes, enforcing software supply chain security (artifact signing, SBOMs, provenance attestation), and strengthening cloud-native security (Kubernetes, IAM, policy standards) across GCP/AWS environments. The role requires hands-on expertise in Go or Python, Kubernetes production experience, cloud security tooling, and a strong grasp of OWASP/NIST standards. A base salary range is provided; the role is remote-friendly with US remote options.

Required Qualifications

  • 5+ years in software engineering, security engineering, or a combined role with meaningful hands-on security responsibility
  • Strong proficiency in Go or Python
  • Deep, hands-on experience with Kubernetes in production (cluster hardening, RBAC, network policies, admission controllers)
  • Practical expertise with GCP and/or AWS: IAM, workload identity, secrets management, security services (e.g., GCP Security Command Center, AWS Security Hub)
  • Proven track record designing and securing CI/CD pipelines (GitHub Actions, Cloud Build, Tekton, or similar)
  • Fluency with container security: image scanning, distroless/minimal base images, runtime security
  • Experience with software supply chain security tooling and frameworks (Sigstore, SLSA, SBOM generation)
  • Solid understanding of OWASP, NIST, and cloud security frameworks and how to apply them pragmatically

Desired Qualifications

  • 5+ years of experience in software engineering, security engineering, or a related role with hands-on security responsibilities
  • Strong proficiency in Go or Python
  • Production experience with Kubernetes (cluster hardening, RBAC, network policies, admission controllers)
  • Practical experience with AWS and/or GCP (IAM, workload identity, secrets management, security services)
  • Proven track record designing and securing CI/CD pipelines (GitHub Actions, Cloud Build, Tekton, or similar)
  • Fluency with container security (image scanning, distroless/minimal base images, runtime security)
  • Experience with software supply chain security tooling (Sigstore, SLSA, SBOM generation)
  • Knowledge of OWASP, NIST, and cloud security frameworks