Product Security Engineer

1 opening

Required Skills

Ai & securityApp security toolingLlm securityProgramming proficiency

Job Description

Job Title: Product Security Engineer

Job Type: Full-time

Location: Remote

The Role

We are seeking a Product Security Engineer to help define the future of AI-native security engineering. In this role, you will operate at the intersection of application security, machine learning, and developer productivity—designing autonomous security systems that scale with modern software development.

You will lead the evolution of our security platform by embedding AI-driven controls directly into the software lifecycle, enabling continuous risk discovery, intelligent remediation, and secure deployment at the speed of innovation.

What You'll Do

1. Architect and build AI-powered security systems that autonomously identify, triage, and remediate vulnerabilities across applications, infrastructure, and AI workloads.
2. Develop agentic security workflows that leverage LLMs and machine learning for code review, threat detection, vulnerability correlation, root-cause analysis, and automated fix generation.
3. Reimagine the Secure Software Development Lifecycle (SSDLC) by integrating intelligent security controls, AI guardrails, and continuous validation into CI/CD pipelines.
4. Lead threat modeling initiatives for distributed systems, AI platforms, RAG architectures, model-serving infrastructure, data pipelines, and autonomous agents.
5. Design security frameworks for protecting AI systems against emerging threats including prompt injection, model abuse, data poisoning, adversarial attacks, and sensitive data leakage.
6. Build behavioral detection models and risk engines to identify synthetic identities, document fraud, account takeover attempts, and other adversarial activity within customer onboarding and KYC workflows.
7. Apply machine learning and contextual risk scoring to reduce alert fatigue, prioritize security findings, and drive autonomous remediation decisions.
8. Partner closely with engineering, platform, and AI research teams to ensure security is embedded as a native capability rather than a downstream function.
9. Scale a culture of security engineering through mentorship, technical leadership, and enablement programs focused on secure AI development practices.

What We're Looking For

1. Demonstrated experience building or applying AI/LLM-powered security solutions, including agentic workflows, autonomous remediation systems, vulnerability discovery, or security copilots.
2. Deep expertise in Application Security, Product Security, or Security Engineering with a strong software development background.
3. Hands-on experience integrating enterprise security tooling (e.g., Snyk, Checkmarx, GitHub Advanced Security, Semgrep, Wiz, Lacework) into automated developer workflows and AI-driven orchestration platforms.
4. Strong understanding of modern security architecture, cloud-native systems, APIs, microservices, and distributed computing environments.
5. Deep familiarity with OWASP Top 10, OWASP Top 10 for LLM Applications, secure AI development practices, and emerging AI threat models.
6. Advanced programming skills in Python and at least one additional language such as Go, Java, Rust, or Node.js.
7. 8+ years of experience spanning Application Security, Software Engineering, Infrastructure Security, or related technical domains.
8. Proven track record driving large-scale automation initiatives and transforming security programs from reactive operations to autonomous, intelligence-driven systems.
9. Exceptional communication skills with the ability to translate complex technical and AI-related risks into strategic business decisions.

Preferred

1. Experience securing AI products, foundation model platforms, inference infrastructure, or agentic systems in production environments.
2. Background in applied machine learning, security data science, fraud detection, or behavioral analytics.
3. Contributions to open-source security tools, AI security research, or industry thought leadership.
4. Experience operating within high-growth technology companies, AI labs, or research-driven engineering organizations.
5. Familiarity with emerging areas such as AI red teaming, model evaluation, agent security, autonomous penetration testing, or AI safety engineering.

NYC, New York, United States

ESR Healthcare