Sr. Product Security Engineer

Senior Product Security Engineer responsible for leading security assessments of cloud-hosted applications and APIs, including evaluating modern identity and access control (OAuth2/OIDC, SAML, JWT), producing actionable assessment reports for engineering and product leadership, conducting threat modeling and architecture reviews early in design, contributing to security standards and tooling, supporting PSIRT during coordinated disclosure, and staying current on application, API, and AI security developments. Requires hands-on experience in product/application security, a strong foundation in web app and API security (OWASP Top 10 and OWASP API Security Top 10), cloud familiarity, scripting capability to demonstrate findings, and the ability to communicate risk to technical audiences. Bachelor's degree in Computer Science, Engineering, Information Security, or related field, or equivalent practical experience.