339 product security engineer jobs at 197 companies in Berkeley, CA
🚀PromotedHiringCafe
Founding Backend / Infra Engineer
Cupertino, CA, US
$160k-$300k/yrOn-SiteFull Time
HiringCafe: Building a 100× better job search engine to take on Indeed and LinkedIn.
Own the crawlers, pipelines, and infrastructure powering a real-time job search engine. Strong Node.js and Python fundamentals; bonus points for security and reverse-engineering chops.
Persona: Provides identity verification and fraud prevention software for businesses.
4+ YOE4+ years software engineering; 2+ years product security; translate security risk to product decisions; embed security into SDLC without blocking engineering
1X: Manufacturing safe, general-purpose humanoid robots for home and work.
5+ YOE5+ years in product/offensive security; strong Linux internals, penetration testing, cryptography/PKI, cloud/CI/CD security; proficiency in C/C++, Rust, Go or Python; bachelor’s in CS/InfoSec/Engineering or equivalent.
San Francisco or New York City or Seattle or Austin
$151k-$280k/yrOnsiteFull Time
Rippling: Unified platform managing workforce HR, IT, and finance operations
5+ YOE5+ years product security experience, deep web application security, fluency in Python, React, Django Rest Framework, experience with code review, CI/CD application security, and mentoring engineering teams.
Irvine or Newport Beach or Denver or Seattle or San Francisco
$185k-$220k/yrHybridFull Time
Compa: AI-powered compensation intelligence platform for enterprise teams.
5+ YOE5+ years software engineering experience, application and cloud security reviews, threat modeling, secure SDLC, cloud-native and IAM knowledge, strong systems thinking and communication skills.
DataRobot: Provides an enterprise platform for building and governing AI.
8+ YOEMust be a U.S. citizen with 8+ years in information security/product security, federal compliance (FedRAMP/DoD) experience, proficiency with Python or Go, container/Kubernetes security knowledge, and strong communication skills.
Candid Health: Automates medical billing and revenue cycle management for healthcare providers.
5+ YOE5+ years in software or security engineering focusing on product security; strong cloud and web security knowledge; collaboration and problem solving.
DepthFirst: AI-native platform to autonomously detect and remediate software vulnerabilities
3+ YOE3+ years software engineering; strong customer-facing skills; experience in application security or security research; Python proficiency; building integrations, APIs, and data pipelines; willing to travel to client sites.
Cardless: Embedded platform for launching-branded credit card programs.
Hands-on product security role requiring production coding (Java/Python), secure API design, auth and anti-fraud experience, AWS (IAM/KMS), SAST/DAST, incident response, and translating SOC 2/PCI DSS controls into engineering solutions.
Airwallex: Global financial platform for business payments and money management.
5+ YOE5+ years in security engineering or incident response, experience with a major cloud platform, CI/CD tooling, strong adversary/forensic knowledge, incident response skills, and excellent communication.
Headway: Builds technology that helps therapists accept insurance and run their practice to increase access to mental health care.
5+ YOE5+ years security or software engineering experience, strong application and product security skills, experience with cloud and modern stacks, security reviews, incident response, and AI-native tooling.
HologicNASDAQ: HOLX: Develops medical technology for women's healthcare and diagnostics.
4+ YOEMaster's or Bachelor's in CS/related, 4+ years in computer/network security, cloud platforms, Windows/Linux, secure development, threat modeling, scripting (PowerShell/Python/C#/C++), and security tooling (SAST/SCA/DAST).
PowerShell, Python, C#, C++, SAST, SCA, DAST, Azure, Microsoft Windows, Linux, CI/CD, DevSecOps, STRIDE, Threat Modeling, OWASP Top 10, CWE
SandiskNasdaq: SNDK: Designs and manufactures flash memory and data storage products.
5+ YOEBachelor's in CS/EE/CE/Cybersecurity, 5+ years in product security or embedded/firmware/hardware security, experience with threat modeling, risk assessment, vulnerability management, and strong communication skills.
OktaNASDAQ: OKTA: Provide secure identity management and authentication for enterprises.
7+ YOE7+ years in information security with deep application/offensive research or AI/ML security, hands-on assessment of LLM-integrated and agentic systems, proficiency in multiple programming languages, threat modeling, manual code review, and strong communication.
AdobeNASDAQ: ADBE: Provides software for digital media creation and marketing analytics
4+ YOEMid-level software security engineer with 4-6 years of experience, strong Python/JavaScript, AI/ML security, cloud and container deployments, and secure SDLC knowledge.
Collective: All-in-one financial platform for self-employed entrepreneurs.
4+ YOE4+ years security engineering experience focused on application security; hands-on SAST/DAST/SCA tooling and CI/CD integration; experience with remediation, threat modeling, and AI/LLM-driven automation.
RedditNYSE: RDDT: Social platform for community-driven discussion and content sharing.
8+ YOE8+ years in software engineering or product/security; experience in security frameworks, CI/CD integration, and developer workflows; strong communication; experience with AI/LLM tooling security.
SalesforceNYSE: CRM: Sells cloud-based customer relationship management and business software solutions.
8+ YOE8+ years in security roles, experience with LLMs/agentic systems, knowledge of AI security attack surfaces, threat modeling, pen/code reviews, strong communication, and a related technical degree required.
LLMs, RAG, MITRE ATT&CK, ISO 27001, SOC 2, PCI DSS, OWASP Top 10, CWE Top 25