Product Security Engineer – Lead

1 Month ago • 7 Years + • Product Management

Job Summary

Job Description

Smarsh is seeking a Product Security Engineer to bolster secure development practices across its engineering teams. This hands-on role involves identifying and mitigating product risks through security reviews, enhancing tooling, and supporting vulnerability remediation. You will collaborate closely with senior security engineers and cross-functional teams to integrate security into the software development lifecycle. This position offers an excellent opportunity for a security-focused engineer to expand their technical skills in a cloud-first, DevOps environment, working effectively within a global team across different time zones and geographies.
Must have:
  • Secure SDLC Integration
  • Threat Modeling & Security Design Reviews
  • Vulnerability Management & Remediation
  • Code & Architecture Review
  • Automation & Tooling
  • Penetration Testing & Red Teaming
  • Security Champion Enablement
  • Incident & Response Readiness
  • Security Compliance & Governance
  • 7+ years experience in Product/App Security
  • Deep expertise in secure coding practices & OWASP
  • Proficiency in modern programming languages
  • Experience with cloud-native security (AWS, Azure, GCP)
  • Proficiency in security testing tools (Burp Suite, Semgrep)
  • Strong background in network security
  • Experience with CI/CD security automation
  • Familiarity with IaC security & CSPM
  • Strong understanding of IAM & API security
  • Knowledge of industry frameworks (NIST, ISO 27001, SOC 2)
  • Experience driving developer enablement
Good to have:
  • Security certifications (OSCP, GIAC, CISSP, CSSLP)
  • Experience in SaaS/multi-tenant cloud environments
  • Knowledge of machine learning security
  • Familiarity with attack surface management
Perks:
  • Competitive salary and company bonus
  • Strong maternity and paternity scheme
  • Workplace pension scheme
  • Take what you need holiday package
  • Private medical insurance
  • Dental plan
  • Group life assurance
  • Group income protection
  • Employee assistance program
  • Monthly wellness allowance
  • Adoption assistance
  • Stock options

Job Details

Who are we?

Smarsh empowers its customers to manage risk and unleash intelligence in their digital communications. Our growing community of over 6500 organizations in regulated industries counts on Smarsh every day to help them spot compliance, legal or reputational risks in 80+ communication channels before those risks become regulatory fines or headlines.  Relentless innovation has fueled our journey to consistent leadership recognition from analysts like Gartner and Forrester, and our sustained, aggressive growth has landed Smarsh in the annual Inc. 5000 list of fastest-growing American companies since 2008.

We're seeking a Product Security Engineer to support secure development across our engineering teams. In this hands-on role, you'll help identify and mitigate product risks by participating in security reviews, improving tooling, and supporting vulnerability remediation. You'll work closely with senior security engineers and cross-functional teams to build security into our software development lifecycle.

This is a great opportunity for a security-minded engineer who wants to grow their technical breadth while making meaningful impact in a cloud-first, DevOps-centric environment. You must be comfortable working as part of a global team in a dynamic, fast-paced environment. Collaboration across time zones and geographies is a key part of our culture and success.

How will you contribute?

    • Secure SDLC Integration: Embed security within the software development lifecycle, ensuring security is considered at every phase—from design to deployment.
    • Threat Modeling & Security Design Reviews: Conduct structured threat modeling and security assessments for new features, architectures, and services.
    • Vulnerability Management & Remediation: Work closely with engineering teams to identify and remediate vulnerabilities from SAST, DAST, SCA, container security, and cloud security scans.
    • Code & Architecture Review: Conduct secure code reviews and architectural security assessments to identify risks early in the development process.
    • Automation & Tooling: Enhance security automation capabilities by integrating security testing tools into CI/CD pipelines.
    • Penetration Testing & Red Teaming: Facilitate internal and external penetration testing activities, helping to triage and remediate findings.
    • Security Champion Enablement: Collaborate with engineering teams to build security awareness and develop a network of Security Champions.
    • Incident & Response Readiness: Support Smarsh SOC and security incident response, including root cause analysis and post-mortem reviews for your product(s).
    • Security Compliance & Governance: Ensure alignment with regulatory requirements (SOC 2, ISO 27001, etc.) and support audit activities.

What will you bring?

    • 7+ years of experience in Product Security, Application Security, or a related security engineering role.
    • Deep expertise in secure software development, secure coding practices, and OWASP Top 10 / CWE 25.
    • Strong technical proficiency in modern programming languages (e.g., Python, Java, JavaScript, Go, or C#).
    • Experience with cloud-native security (AWS, Azure, GCP) and securing containerized environments (Docker, Kubernetes).
    • Proficiency in security testing tools such as Burp Suite, Endor, Semgrep, etc.
    • Strong background in network security, including firewalls, IDS/IPS, VPNs, and secure network design.
    • Hands-on experience with CI/CD security automation (GitHub Actions, Jenkins, GitLab CI, etc.).
    • Familiarity with infrastructure-as-code security (Terraform, CloudFormation) and cloud security posture management.
    • Strong understanding of identity & access management (OAuth, OIDC, SAML, JWT) and API security.
    • Knowledge of industry frameworks like NIST, ISO 27001, and SOC 2. 
    • Experience driving developer enablement and security training initiatives.
    • Excellent communication and collaboration skills to engage with engineering, product, and leadership teams.

    • Preferred Qualifications
    • Security certifications such as OSCP, GIAC (GWEB, GWAPT, GCSA), CISSP, or CSSLP.
    • Experience working in SaaS, multi-tenant cloud environments.
    • Knowledge of machine learning security (AI/ML model risks, LLM security best practices).
    • Familiarity with attack surface management and threat intelligence.

What do we offer?

    • We value our people and offer a competitive salary along with company bonus
    • Strong maternity and paternity scheme
    • A workplace pension scheme
    • Take what you need holiday package
    • Private medical insurance
    • Dental plan
    • Group life assurance
    • Group income protection
    • Employee assistance programme
    • A monthly wellness allowance
    • Adoption assistance
    • Stock options
Don't meet every requirement? Apply anyway! We value diverse candidates and encourage applications, even if you don't perfectly match the job description. Studies have shown that some strong candidates may self-select out of the interview process prematurely, at Smarsh we encourage an inclusive, high-performing environment.

Smarsh is an equal opportunity and affirmative action employer. Qualified applicants will receive consideration without regard to their race, colour, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. Smarsh invites all qualified interested applicants to apply for career opportunities. Reasonable accommodations may be made to enable individuals with disabilities to perform essential functions. Including frequency of functions.

About our culture

Smarsh hires lifelong learners with a passion for innovating with purpose, humility and humor. Collaboration is at the heart of everything we do. We work closely with the most popular communications platforms and the world’s leading cloud infrastructure platforms. We use the latest in AI/ML technology to help our customers break new ground at scale. We are a global organization that values diversity, and we believe that providing opportunities for everyone to be their authentic self is key to our success. Smarsh leadership, culture, and commitment to developing our people have all garnered Comparably.com Best Places to Work Awards. Come join us and find out what the best work of your career looks like.

Similar Jobs

Slite - Account Executive

Slite

France (Remote)
1 Month ago
high radius - Senior Analyst

high radius

Hyderabad, Telangana, India (On-Site)
3 Months ago
DevRev - Solutions Engineer

DevRev

Mumbai, Maharashtra, India (On-Site)
3 Months ago
Pinterest - Revenue Operations Specialist (6-Month Fixed Term)

Pinterest

Dublin, County Dublin, Ireland (Hybrid)
3 Weeks ago
extreme network - Solutions Architect - Remote Eastcoast

extreme network

North Carolina, United States (Remote)
1 Month ago
Sierra - Product Manager, Agent Development

Sierra

New York, United States (On-Site)
3 Months ago
Easybrain - Product Manager

Easybrain

Limassol, Limassol, Cyprus (Hybrid)
10 Months ago
whoop - Senior Product Manager (Women's Health)

whoop

Boston, Massachusetts, United States (On-Site)
3 Weeks ago
Unity - Product Operations Manager

Unity

Montreal, Quebec, Canada (On-Site)
2 Months ago
Ubisoft - Production Manager

Ubisoft

Montreal, Quebec, Canada (Hybrid)
2 Months ago

Get notifed when new similar jobs are uploaded

Similar Skill Jobs

Sailpoint - Renewals Support Analyst

Sailpoint

Pune, Maharashtra, India (Remote)
1 Month ago
C3 IoT - Software Engineer - Generative AI

C3 IoT

Guadalajara, Jalisco, Mexico (On-Site)
1 Month ago
Forescout Technologies  Inc  - Senior Buyer

Forescout Technologies Inc

Pune, Maharashtra, India (On-Site)
2 Months ago
Magic School - Senior Manager of Customer Success, Western US

Magic School

United States (Remote)
3 Weeks ago
Arketa - General Counsel

Arketa

San Francisco, California, United States (Remote)
1 Month ago
Glean - Designated Technical Support Engineer

Glean

United States (Remote)
7 Months ago
Nice - Partner Enablement Manager International

Nice

London, England, United Kingdom (Hybrid)
2 Months ago
WebFX - Software Engineer

WebFX

Ann Arbor, Michigan, United States (On-Site)
8 Months ago
Salesforce - Customer Success Manager, Director (Automotive Industry)

Salesforce

Chicago, Illinois, United States (On-Site)
4 Weeks ago
Highspot - Salesforce Developer

Highspot

Hyderabad, Telangana, India (Hybrid)
10 Months ago

Get notifed when new similar jobs are uploaded

Jobs in United Kingdom

C3 IoT - Pre-Sales AI Director (German Speaking)

C3 IoT

London, England, United Kingdom (On-Site)
1 Month ago
Tesla - Key Account Manager, Powerwall (Residential Energy Storage)

Tesla

London, England, United Kingdom (Hybrid)
6 Months ago
Rocksteady Studios - Lead UI Artist

Rocksteady Studios

London, England, United Kingdom (Hybrid)
1 Month ago
Just wont die - Associate Art Director

Just wont die

Cambridge, England, United Kingdom (Remote)
3 Months ago
DNEG - Senior Pipeline Engineer

DNEG

London, England, United Kingdom (Hybrid)
1 Month ago
Overwolf - Senior PHP Developer - Tebex

Overwolf

Nottingham, England, United Kingdom (Remote)
3 Weeks ago
Square - Senior MEP Cost Manager

Square

Cambridge, England, United Kingdom (On-Site)
4 Weeks ago
Resolver - Generalist Analyst (Bengali Speaker)

Resolver

Leeds, England, United Kingdom (On-Site)
4 Months ago
Kwalee - Machine Learning Engineer

Kwalee

Royal Leamington Spa, England, United Kingdom (On-Site)
5 Months ago
flix interactive - Lead Engineer

flix interactive

United Kingdom (Remote)
1 Month ago

Get notifed when new similar jobs are uploaded

Product Management Jobs

Adtran - (Senior) Director Product Line Management

Adtran

Munich, Bavaria, Germany (On-Site)
3 Months ago
Krafton - Publishing Platform Product Manager (Creator Network)

Krafton

Seoul, South Korea (On-Site)
4 Months ago
Christ Fellowship - Production Manager

Christ Fellowship

Florida, United States (On-Site)
3 Months ago
Alphawave Semi - Product Applications Engineer

Alphawave Semi

Ottawa, Ontario, Canada (On-Site)
3 Months ago
unicos studio - Product Manager

unicos studio

(On-Site)
1 Month ago
NinjaVan - Regional Assistant Manager, Commercial Product (Cross Border)

NinjaVan

Subang Jaya, Selangor, Malaysia (On-Site)
7 Months ago
SuperGaming - Associate Product Manager

SuperGaming

Pune, Maharashtra, India (On-Site)
4 Weeks ago
TabTale - Creative Producer

TabTale

Tel Aviv-Yafo, Tel Aviv District, Israel (On-Site)
4 Months ago
cirrus logic - Product Engineer

cirrus logic

Edinburgh, Scotland, United Kingdom (Hybrid)
3 Months ago
InFeedo AI - Product Marketing Manager

InFeedo AI

Gurugram, Haryana, India (Hybrid)
1 Month ago

Get notifed when new similar jobs are uploaded

About The Company

Heredia, Costa Rica (Remote)

United Kingdom (Remote)

Bengaluru, Karnataka, India (Hybrid)

Atlanta, Georgia, United States (Remote)

Atlanta, Georgia, United States (Hybrid)

Bengaluru, Karnataka, India (Hybrid)

Heredia, Costa Rica (Hybrid)

Boca Raton, Florida, United States (Remote)

Portland, Oregon, United States (Hybrid)

United States (Remote)

View All Jobs

Get notified when new jobs are added by smarsh

Level Up Your Career in Game Development!

Transform Your Passion into Profession with Our Comprehensive Courses for Aspiring Game Developers.

Job Common Plug