Full-Time Senior Product Security Engineer

Sanity is seeking a Senior Product Security Engineer who can balance hands-on security work with holistic product security responsibilities.

This role will strengthen and develop our security posture, supporting compliance initiatives and vendor management.

The ideal candidate possesses strong technical security skills and can manage programs across security, compliance, and vendor ecosystems.

Joining our security team means becoming part of something bigger than fixing vulnerabilities or reviewing code. You empower creators, developers, and businesses, handling the invisible shield that protects their digital assets.

We believe security should enable innovation, not hinder it. We seek someone passionate about building secure systems that help customers succeed.

About the Role:

As a Senior Product Security Engineer, you will directly strengthen our product security through hands-on work. You will also manage critical compliance requirements and vendor security assessments.

This role has potential for tangible improvements across the company.

This is not a Security Operations Center (SOC) role and does not require on-call, but participation in addressing security incidents when they arise is expected.

Focus on proactive security work integrated into the product development process. Collaborate with teams to embed security from the beginning.

Contributions will strengthen our compliance posture, maintain customer trust, and support innovation.

Reports to: Head of SRE.

Clear path for growth.

Responsibilities:

• Product Security Engineering
• Proactive engagement with product teams, contributing code fixes when necessary.
• Coordinate security pentesting activities, following up on findings.
• Triage and respond to security issues and bug bounty reports.
• Review security requests for new libraries or vendors.
• Act as a security advisor for product development.
• Develop and maintain security tools and alerts.
• Holistic security responsibilities
• Assist in managing and implementing security aspects of our compliance program.
• Contribute to compliance and security related questions from customers (RFIs)
• Support and lead vendor security assessments

About You:

• 5+ years of experience in security engineering roles.
• Experience with product security principles and practices.
• Familiarity with GCP and BigQuery.
• Strong communication skills, able to work with cross-functional teams and customers.
• Self-motivated with excellent organizational and time management skills.
• Experience managing secrets and tokens in software environments.

Nice to have:

• Familiarity with SOC 2 Type 2 compliance requirements and processes
• Experience with Wazuh, Trivy, and other OSS security tools
• Proficiency in TypeScript and Golang
• Startup experience
• Growth mindset

What is the last date for applying to the job?

Which countries are accepted for this remote job?