Staff Product Security Engineer
Posted 83 days ago
Job Description
The Staff Product Security Engineer at Life360 embeds security into the DevSecOps process for secure software development, with a focus on protecting location data and family safety features for millions of users.
Responsibilities:
- Deploy and operationalize Cycode ASPM platform (or equivalent) as the central nervous system for application security—unifying SAST, SCA, secret scanning, container security, and IaC scanning into actionable intelligence
- Build IDE-to-cloud security pipelines that catch vulnerabilities at code-write time, eliminating 90% of findings before merge
- Create security-as-code frameworks that make the secure path the default path
- Automate vulnerability triage, deduplication, and routing to eliminate manual security toil
- Design and deploy pre-approved security patterns, libraries, and templates that enable developers to build securely without security expertise
- Establish threat modeling as a lightweight, scalable practice integrated into product planning
- Conduct security architecture reviews for high-risk features across mobile (iOS/Android), backend (Java, Python, PHP), and emerging hardware products
- Build security tooling that developers actually want to use—think Spotify's Backstage for security
- Establish SLA-driven vulnerability management workflows with clear severity definitions, ownership models, and escalation paths
- Create friction-free remediation guidance—not "fix this," but "here's the exact code change needed"
- Build metrics dashboards that translate security posture into business language executives understand
- Partner with engineering leadership to embed security accountability into team objectives
- Act as embedded security advisor to product and platform engineering teams
- Translate complex security requirements into pragmatic, implementable solutions
- Influence technical decisions at the architecture level—security considered in design, not bolted on after
Requirements:
- 5+ years of hands-on experience in product security, application security, or DevSecOps roles.
- Strong experience deploying and operationalizing Application Security Posture Management (ASPM) platforms, with particular emphasis on vulnerability management and findings handling.
- Deep understanding of security tooling including SAST, DAST, secret scanning, SCA (Software Composition Analysis), and container scanning tools.
- Proficiency in Python and the ability to learn new programming languages and technologies as needed (experience with Java, C, or PHP is a plus).
- Extensive experience with threat modeling and security architecture reviews, with the ability to identify design flaws and provide actionable remediation guidance.
- Strong knowledge of secure software development practices, including OWASP Top 10, secure coding principles, and secure-by-design methodologies.
- Experience building security tooling and automation to scale security practices across development teams.
- Familiarity with compliance frameworks including OWASP SAMM 2.0, NIST SSDF (Secure Software Development Framework), SOC 2, and GDPR, with working knowledge of privacy considerations.
- Experience working with diverse technology stacks including mobile applications (iOS/Android), cloud infrastructure, and modern application development.
- Expert-level threat modeling—you can identify design flaws that automated tools miss.
- Security architecture experience across diverse platforms: mobile (iOS/Android SDK security), cloud (AWS/GCP), embedded systems.
- CI/CD security integration—Jenkins, GitLab CI, GitHub Actions, CircleCI—where you've built security into build pipelines without breaking them.
- Working knowledge of OWASP SAMM 2.0, NIST SSDF, secure coding standards.
Benefits:
- Competitive pay and benefits
- Medical, dental, vision, life and disability insurance plans (100% paid for employees)
- 401(k) plan with company matching program
- Mental Wellness Program & Employee Assistance Program (EAP) for mental well-being
- Flexible PTO, 13 company-wide days off throughout the year
- Winter and Summer Weeklong Synchronized Company Shutdowns
- Learning & Development programs
- Equipment, tools, and reimbursement support for a productive remote environment
- Free Life360 Platinum Membership for your preferred circle
- Free Tile Products