Description

You will own the security posture of our SaaS product by proactively testing and hardening the application, APIs, and underlying cloud infrastructure.

Responsibilities

  • Test SaaS products for security vulnerabilities across web apps, APIs, and cloud infrastructure.
  • Perform manual security testing and targeted penetration tests beyond automated scanning.
  • Implement, and help engineers implement, automated security test suites for continuous validation.
  • Identify abuse cases, business logic flaws, and real-world attack paths.
  • Work with engineers to reproduce security issues and drive resolution before deployment.

Required Skills

  • 3-6 years of experience in application security, offensive security, or penetration testing.
  • Strong understanding of web and API security, OWASP Top 10, authentication, sessions, and access control.
  • Experience testing modern SaaS products and operating in cloud environments (AWS).
  • Proficiency in Application Security, Penetration Testing, API Security, and Security Testing.
  • Experience with Threat Modeling and understanding of Business Logic flaws.
  • Familiarity with security testing tools like Burp Suite and Nuclei.
  • Ability to operate with high ownership and a self-starter mindset.

Education

Any Graduate