Remote Staff Product Security Engineer - Customer Platform

Description:

• Valon is seeking a seasoned and highly skilled Staff Product Security Engineer - Customer Platform to join their growing team.
• This role is critical for ensuring the security of the organization's systems, cloud infrastructure, products, and data.
• The position involves blending product security architecture and technical control implementation, incorporating security by design into ValonOS.
• Responsibilities include defining and evolving product security architecture for Valon’s multi-tenant SaaS platform, guiding secure implementation of customer-facing security capabilities, and building security reference architectures.
• The engineer will lead threat modeling, security design, and code reviews for new features and services.
• Collaboration with various teams is essential to identify and mitigate product and data security risks.
• The role also supports vulnerability triage, remediation strategy, and security compliance needs, including customer-facing discussions.
• Operational activities include security advisory, incident response, and enforcing security policies and procedures.

Requirements:

• Candidates must have extensive experience in product security, application security, or security architecture roles, specifically with SaaS platforms.
• A strong background in cloud security and hands-on experience securing cloud environments, preferably GCP, is required.
• Proven experience in SaaS IAM and tenant security, including authentication/authorization and RBAC, is necessary.
• Expertise in designing secure platform controls such as APIs and encryption is essential.
• Candidates should have experience leading threat modeling and security design reviews.
• Applied knowledge of industry security and compliance frameworks like OWASP and SOC 2 is required.
• The ideal candidate should be a highly hands-on engineer capable of driving complex cross-functional efforts.
• Excellent communication skills are necessary to explain complex security concepts to various stakeholders.
• Prior software engineering experience and coding ability in Python is preferred.
• A minimum of 8 years in senior security engineering or architect roles, with at least 3 years leading security design for cloud and SaaS platforms, is required.
• A Bachelor's degree in Information Security, Computer Science, or a related field is necessary.
• Relevant security certifications such as CISSP or CISM are required.

Benefits:

• The base compensation band for this position ranges from $190K to $260K, determined by the candidate’s experience and qualifications.
• Competitive salary with equity stake in the company and a 401k plan is offered.
• Comprehensive medical, dental, and vision benefits are provided to support physical and mental well-being.
• Pre-tax commuter benefits for public transportation, rideshare services, and parking expenses are available.
• Opportunities for learning and development, including company-wide orientation and regular review cycles with 360-degree feedback, are offered.
• Quarterly budgets for team and company outings are provided to foster team bonding.
• Flexible paid time off, sick days, and 11 company holidays are included in the benefits package.
• Generous baby bonding time of 12 weeks off for both birthing and non-birthing parents is fully paid.