{"version":"0.1","company":{"name":"YubHub","url":"https://yubhub.co","jobsUrl":"https://yubhub.co/jobs/skill/product-security"},"x-facet":{"type":"skill","slug":"product-security","display":"Product Security","count":5},"x-feed-size-limit":100,"x-feed-sort":"enriched_at desc","x-feed-notice":"This feed contains at most 100 jobs (the most recently enriched). For the full corpus, use the paginated /stats/by-facet endpoint or /search.","x-generator":"yubhub-xml-generator","x-rights":"Free to redistribute with attribution: \"Data by YubHub (https://yubhub.co)\"","x-schema":"Each entry in `jobs` follows https://schema.org/JobPosting. YubHub-native raw fields carry `x-` prefix.","jobs":[{"@context":"https://schema.org","@type":"JobPosting","identifier":{"@type":"PropertyValue","name":"YubHub","value":"job_777a6e79-5d9"},"title":"Senior Software Engineer, Security Engineering","description":"

Secure Every Identity ----------------------- Okta secures AI by building the trusted, neutral infrastructure that enables organisations to safely embrace this new era.

\n

We are looking for builders and owners who operate with speed and urgency and execute with excellence. This is an opportunity to do career-defining work.

\n

The Role -------- We seek a knowledgeable and development-focused Security Engineer, who will build micro-services to secure Customer Identity Products and Infrastructure.

\n

Responsibilities --------------- Work across a globally distributed product-aligned team of security engineers Establish a deep understanding of Okta Customer Identity products and infrastructure Collaborate when necessary with the Okta Security team on security operations Build, deploy & maintain scalable and reliable infrastructure services as well as security solutions for customer identity products Build, deploy & maintain automation to improve platform security capabilities at scale including logging, threat detection and compliance benchmarks to increase our security posture Help meet our operational security commitments by thinking like an attacker, assessing the risk, and advising on mitigation strategies Support security investigations in coordination with the Okta Security team, participate in root cause analysis and perform necessary remediations. Support stakeholders by proposing mitigation strategies for end-of-life software and security vulnerability and patch management

\n

Requirements ----------- You have 3+ years of hands-on development experience writing microservices with Golang You have 3+ years of experience in cloud infrastructure security, product security You have working knowledge and hands on development experience with one or more of the following: AWS and/or Azure security Kubernetes You have strong knowledge in OWASP Top 10 and secure coding best practices You have strong foundation on secure software development lifecycle best practices You have strong written and verbal communication skills You have experience working with a globally distributed and remote team.

\n

Bonus points if: You have working knowledge and experience with one or more of the following: Full-stack engineering Site reliability engineering Identity and access management Vulnerability and threat management Security detection and response Governance, risk and compliance

\n

XML job scraping automation by YubHub

","url":"https://yubhub.co/jobs/job_777a6e79-5d9","directApply":true,"hiringOrganization":{"@type":"Organization","name":"Okta","sameAs":"https://www.okta.com","logo":"https://logos.yubhub.co/okta.com.png"},"x-apply-url":"https://job-boards.greenhouse.io/okta/jobs/7744352","x-work-arrangement":"hybrid","x-experience-level":"senior","x-job-type":"full-time","x-salary-range":null,"x-skills-required":["Golang","Cloud infrastructure security","Product security","AWS security","Azure security","Kubernetes","OWASP Top 10","Secure coding best practices","Secure software development lifecycle best practices"],"x-skills-preferred":["Full-stack engineering","Site reliability engineering","Identity and access management","Vulnerability and threat management","Security detection and response","Governance, risk and compliance"],"datePosted":"2026-04-18T15:44:00.927Z","jobLocation":{"@type":"Place","address":{"@type":"PostalAddress","addressLocality":"Bengaluru, India"}},"employmentType":"FULL_TIME","occupationalCategory":"Engineering","industry":"Technology","skills":"Golang, Cloud infrastructure security, Product security, AWS security, Azure security, Kubernetes, OWASP Top 10, Secure coding best practices, Secure software development lifecycle best practices, Full-stack engineering, Site reliability engineering, Identity and access management, Vulnerability and threat management, Security detection and response, Governance, risk and compliance"},{"@context":"https://schema.org","@type":"JobPosting","identifier":{"@type":"PropertyValue","name":"YubHub","value":"job_b284be7d-7d6"},"title":"Product Security Engineer","description":"

Meet Yubico: the creator of the most secure passkeys and leading provider of hardware authentication security keys. Our company’s mission is to make secure login easy and available for everyone.

\n

Yubico was founded in 2007 by Stina and Jakob Ehrensvard, and is public on Nasdaq Stockholm Main Market: YUBICO. Our customers include Fortune 500 companies, hundreds of government agencies and millions of individuals in over 160 countries that rely on Yubico technology to secure access to computers, online services and mobile apps.

\n

The Role: The Product Security team is responsible for ensuring Yubico develops and maintains secure products and services. As part of the Product Security team, your primary responsibility will be to collaborate with the firmware and software teams to design and integrate solutions that support secure design and development practices.

\n

Tasks & Responsibilities:

\n\n

Basic Qualifications:

\n\n

Optional Skills and Experience:

\n\n

Additional Information\nWe are an equal opportunity employer, we value diversity and uphold an inclusive environment where all people feel that they are equally respected and valued. All applicants will be considered for employment without attention to race, color, religion, sex, sexual orientation, gender identity or expression, age, marital status, religion, national origin, disability, protected Veteran status or any other characteristic protected by law.

\n

XML job scraping automation by YubHub

","url":"https://yubhub.co/jobs/job_b284be7d-7d6","directApply":true,"hiringOrganization":{"@type":"Organization","name":"Yubico","sameAs":"https://www.yubico.com/","logo":"https://logos.yubhub.co/yubico.com.png"},"x-apply-url":"https://jobs.lever.co/yubico/646cd3ab-3be7-4987-a508-6bfdf83c71cc","x-work-arrangement":"remote","x-experience-level":"mid","x-job-type":"full-time","x-salary-range":"$120,000-140,000 per year","x-skills-required":["product security","software development","threat modeling","C","static code analysis"],"x-skills-preferred":["WebAuthn",".NET","C++","ARM","targeted fuzzing"],"datePosted":"2026-04-17T13:13:08.372Z","jobLocation":{"@type":"Place","address":{"@type":"PostalAddress","addressLocality":"Western US"}},"jobLocationType":"TELECOMMUTE","employmentType":"FULL_TIME","occupationalCategory":"Engineering","industry":"Technology","skills":"product security, software development, threat modeling, C, static code analysis, WebAuthn, .NET, C++, ARM, targeted fuzzing","baseSalary":{"@type":"MonetaryAmount","currency":"USD","value":{"@type":"QuantitativeValue","minValue":120000,"maxValue":140000,"unitText":"YEAR"}}},{"@context":"https://schema.org","@type":"JobPosting","identifier":{"@type":"PropertyValue","name":"YubHub","value":"job_eec951b9-d96"},"title":"Security Engineer","description":"

We're seeking a Security Engineer at the senior-level or above to own the product security and authorization lifecycle for Saronic's autonomous surface vessels. You will serve as the responsible security engineer for one or more vessel programs, owning the security posture from design through production, authorization, and operational deployment.

\n

This is a hands-on security engineering role; not a GRC or project management role. You'll identify the frameworks that apply, architect the vessel's security to satisfy them, and drive authorization to completion. Where standards don't yet exist, you'll define them.

\n

Key Responsibilities:

\n\n

Required Qualifications:

\n\n

Preferred Qualifications:

\n\n

Additional Information:

\n\n

XML job scraping automation by YubHub

","url":"https://yubhub.co/jobs/job_eec951b9-d96","directApply":true,"hiringOrganization":{"@type":"Organization","name":"Saronic Technologies","sameAs":"https://www.saronictech.com/","logo":"https://logos.yubhub.co/saronictech.com.png"},"x-apply-url":"https://jobs.lever.co/saronic/6e800df8-6173-4f13-863e-b8803017f317","x-work-arrangement":"onsite","x-experience-level":"senior","x-job-type":"full-time","x-salary-range":null,"x-skills-required":["product security","systems security engineering","authorization engineering","threat modeling","security architecture","risk assessment","cyber-physical systems","embedded systems","operational technology environments","NIST SP 800-53","NIST SP 800-171","CMMC 2.0","RMF","CSRMC","ATO/IATT","continuous ATO","FedRAMP","IEC 62443","IMO MASS Code","IACS UR E26/E27"],"x-skills-preferred":["product security lead","systems security engineer","authorization lead","defense platform","program of record","government Authorizing Officials","program offices","DOT&E","technical security representative","defense technology startups","DARPA programs","organizations","defense acquisition system","maritime-specific frameworks","ITAR/EAR compliance","supply chain security","manufacturing security"],"datePosted":"2026-04-17T12:58:42.019Z","employmentType":"FULL_TIME","occupationalCategory":"Engineering","industry":"Technology","skills":"product security, systems security engineering, authorization engineering, threat modeling, security architecture, risk assessment, cyber-physical systems, embedded systems, operational technology environments, NIST SP 800-53, NIST SP 800-171, CMMC 2.0, RMF, CSRMC, ATO/IATT, continuous ATO, FedRAMP, IEC 62443, IMO MASS Code, IACS UR E26/E27, product security lead, systems security engineer, authorization lead, defense platform, program of record, government Authorizing Officials, program offices, DOT&E, technical security representative, defense technology startups, DARPA programs, organizations, defense acquisition system, maritime-specific frameworks, ITAR/EAR compliance, supply chain security, manufacturing security"},{"@context":"https://schema.org","@type":"JobPosting","identifier":{"@type":"PropertyValue","name":"YubHub","value":"job_ace25108-b9c"},"title":"Staff Product Security Engineer","description":"

We are seeking an experienced and motivated Staff Product Security Engineer to join our growing Security team. As a Staff Product Security Engineer, you will be responsible for the end-to-end security of our consumer products, digital platform, and emerging hardware device line.

\n

Your day-to-day will involve leading security architecture/design review and threat modeling sessions with product and engineering teams, translating threats into actionable, risk-rated engineering remediations prioritized by severity, conducting hands-on penetration testing and security assessments across our full product stack, and driving PSIRT operations by triaging incoming vulnerability reports, leading technical investigations, coordinating remediation with engineering, scoring severity (CVSS), managing coordinated disclosure with external researchers, and on-call incidents.

\n

You will also shape the posture of our AI-assisted development environment, defining and enforcing enterprise policies for Claude and Cursor, and partner across the organization, sitting in design review with architects, advising product managers and engineering teams on security and compliance implications of new features, briefing executives on emerging AI threats, mentoring junior security engineers, and collaborating with the AI team on securing ML pipelines.

\n

As a champion of security culture, you will run developer training on secure coding with AI assistants, evangelize security by design for products, and ensure every engineer understands that product security is an enabler and not a gate.

\n

You will bring 10+ years of product security experience spanning application security, cloud security, and secure SDLC, expert-level threat modeling using STRIDE, PASTA, or equivalent across web, mobile, cloud, embedded, and AI systems, hands-on penetration testing skills across applications, API, cloud infrastructure, and hardware/firmware, and deep hands-down AI security expertise and expert-level understanding of OWASP Top 10 for LLM, API, Web, Mobile, and practical experience with MITRE.

\n

You will have strong hands-on experience in security tools SAST, DAST, SCA, and securing AI development tools specifically Claude and Cursor, and understand MCP security risks and know how to architect enterprise guardrails that enable safe AI-assisted development.

\n

You will also have strong programming ability and capability to review code, build security tools, automate workflows, and be credible with the engineering teams you partner with.

\n

Preferred experience includes hardware and embedded security experience with knowledge of secure boot, firmware integrity, hardware root of trust, and IoT threat modeling experience, and experience in the Financial industry, knowledge of PCI DSS, COPPA, or demonstrated ability to learn regulated domains quickly.

\n

Work perks at Greenlight include medical, dental, vision, and HSA match, paid life insurance, AD&D, and disability benefits, traditional 401k with company match, unlimited PTO, paid company holidays and pop-up bonus holidays, professional development stipends, mental health resources, 1:1 financial planners, fertility healthcare, 100% paid parental and caregiving leave, plus cleaning service and meals during your leave, flexible WFH, both remote and in-office opportunities, fully stocked kitchen, catered lunches, and occasional in-office happy hours, and employee resource groups.

\n

XML job scraping automation by YubHub

","url":"https://yubhub.co/jobs/job_ace25108-b9c","directApply":true,"hiringOrganization":{"@type":"Organization","name":"Greenlight","sameAs":"https://www.greenlight.com/","logo":"https://logos.yubhub.co/greenlight.com.png"},"x-apply-url":"https://jobs.lever.co/greenlight/18b7ac30-dbf6-4078-bf50-06772c47fdc7","x-work-arrangement":"remote","x-experience-level":"staff","x-job-type":"full-time","x-salary-range":"$165,000-200,000","x-skills-required":["product security","application security","cloud security","secure SDLC","threat modeling","penetration testing","security assessments","PSIRT operations","AI security","OWASP Top 10","MITRE","SAST","DAST","SCA","Claude","Cursor","MCP security","firmware integrity","hardware root of trust","IoT threat modeling"],"x-skills-preferred":["hardware and embedded security","PCI DSS","COPPA"],"datePosted":"2026-04-17T12:35:45.706Z","jobLocation":{"@type":"Place","address":{"@type":"PostalAddress","addressLocality":"Atlanta"}},"jobLocationType":"TELECOMMUTE","employmentType":"FULL_TIME","occupationalCategory":"Engineering","industry":"Finance","skills":"product security, application security, cloud security, secure SDLC, threat modeling, penetration testing, security assessments, PSIRT operations, AI security, OWASP Top 10, MITRE, SAST, DAST, SCA, Claude, Cursor, MCP security, firmware integrity, hardware root of trust, IoT threat modeling, hardware and embedded security, PCI DSS, COPPA","baseSalary":{"@type":"MonetaryAmount","currency":"USD","value":{"@type":"QuantitativeValue","minValue":165000,"maxValue":200000,"unitText":"YEAR"}}},{"@context":"https://schema.org","@type":"JobPosting","identifier":{"@type":"PropertyValue","name":"YubHub","value":"job_b474ff4a-8ab"},"title":"Application Security Engineer","description":"

Perplexity is seeking a highly skilled, experienced and hands-on Application Security Engineer to join our dynamic security team, revolutionizing the way people search and interact with the internet. You’ll build the systems, tools, and processes that make security seamless for developers and strong by default, enabling rapid innovation while protecting our users at scale.

\n

What you'll do

\n

Design and implement scalable, developer-friendly security solutions that integrate directly into engineering workflows

\n

What you need

\n\n

XML job scraping automation by YubHub

","url":"https://yubhub.co/jobs/job_b474ff4a-8ab","directApply":true,"hiringOrganization":{"@type":"Organization","name":"Perplexity","sameAs":"https://jobs.ashbyhq.com","logo":"https://logos.yubhub.co/perplexity.com.png"},"x-apply-url":"https://jobs.ashbyhq.com/perplexity/63abf041-c7ba-4bd6-840c-1a4ac7925dee","x-work-arrangement":"remote","x-experience-level":"senior","x-job-type":"full-time","x-salary-range":"$220K – $405K","x-skills-required":["Application Security","Product Security","Secure Software Development Practices","Threat Modeling","Common Vulnerabilities"],"x-skills-preferred":["Modern Authentication and Authorization Patterns","OAuth","OIDC","SSO","Zero Trust"],"datePosted":"2026-03-04T12:27:27.307Z","jobLocation":{"@type":"Place","address":{"@type":"PostalAddress","addressLocality":"San Francisco, London, New York City, Remote (United States), Serbia"}},"jobLocationType":"TELECOMMUTE","employmentType":"FULL_TIME","occupationalCategory":"Engineering","industry":"Technology","skills":"Application Security, Product Security, Secure Software Development Practices, Threat Modeling, Common Vulnerabilities, Modern Authentication and Authorization Patterns, OAuth, OIDC, SSO, Zero Trust","baseSalary":{"@type":"MonetaryAmount","currency":"USD","value":{"@type":"QuantitativeValue","minValue":220000,"maxValue":405000,"unitText":"YEAR"}}}]}