[Remote] Product Security Engineer

Note: The job is a remote job and is open to candidates in USA. Airtable is the no-code app platform that empowers people closest to the work to accelerate their most critical business processes. They are seeking a Product Security Engineer to shape the security of their platform, focusing on building frameworks and automated controls that ensure security by design while collaborating with engineering teams.

Responsibilities

• Develop self-service security frameworks and "paved roads" that allow engineering teams to ship secure code by default
• Focus on automated guardrails for common vulnerabilities, while prioritizing deep-dive design reviews into complex business logic and data isolation issues (for example, multi-tenant isolation and authorization/permission bypasses) that automated tools cannot catch
• Partner with product and engineering teams to review designs early, contribute to threat modeling for new features and complex initiatives, and provide clear, actionable security guidance
• Research emerging threats and evolving best practices, specifically regarding AI and LLM safety, and implement controls to secure these workflows
• Manage and evolve our approach to external penetration testing and bug bounties, driving remediation for findings and treating vulnerability management as an engineering problem
• Contribute to the long-term roadmaps, metrics, and strategic planning for the security team
• Lead complex threat modeling sessions for major product launches and define secure coding standards, and actively mentor other engineers to raise the technical security bar across the organization

Skills

• 4+ years of experience in product security or application security, with experience shipping production code
• A strong background in computer science or a related field, with proficiency in writing clean, maintainable code
• Deep familiarity with JavaScript or TypeScript, Node.js, and modern web application frameworks, and can reason about the security implications of systems built on them
• Hands-on experience securing LLM integrations and identifying prompt injection or data leakage risks
• Proficient in writing and reviewing code and treat security as an engineering problem to be solved with software, not just policies
• Excel at communicating complex security risks to non-security stakeholders and enjoy collaborating cross-functionally to find solutions that balance security with engineering velocity
• Comfortable working in a fast-paced environment, navigating ambiguity, continuously learning about emerging threats and technologies, and contributing to long-term security strategy

Benefits

• Our total compensation package also includes the opportunity to receive benefits, restricted stock units, and may include incentive compensation.
• To learn more about our comprehensive benefit offerings, please check out Life at Airtable

Company Overview

Company H1B Sponsorship