Product Security Engineer

Profile Summary

A hands-on Product Security Engineer who thrives at the intersection of engineering and security. Specialises in building secure-by-default frameworks that development teams actually want to use. Has a track record of reducing vulnerability density across product lines while accelerating release velocity — not slowing it down.

Problems Solved

• Designed and shipped a secure-by-default authentication framework adopted by 12 product teams, eliminating an entire class of auth bypass vulnerabilities across the platform.
• Built an automated threat modelling pipeline that reduced manual security review bottlenecks by 70%, enabling weekly releases without compromising security posture.
• Led the remediation of a critical API vulnerability discovered in production, coordinating across 4 engineering teams to patch and deploy within 6 hours with zero customer impact.

What They Build

Builds product security programs from the ground up — threat modelling frameworks, automated security gates in CI/CD, developer security training programs, and custom SAST/DAST integrations. Focuses on making security self-service for engineering teams.

What Would Make Them Move

Looking for a product-led company where security is treated as a first-class engineering discipline. Wants ownership of the product security function with a direct line to engineering leadership. Remote-first is non-negotiable.

Mission & Values

Security should be a feature, not a tax. I build tools and processes that make the secure path the easiest path for developers. If your security program is slowing down shipping, it is broken.

Growth Areas

Open to