Sprinto
Product Security Engineer - Remote
Job Summary
The role involves leading product security initiatives by integrating security into the SDLC, conducting threat assessments, and managing vulnerability remediation. The candidate will perform security reviews, provide design feedback, and ensure compliance with standards like SOC 2 and ISO 27001. Experience with security tools, cloud environments, and container security is essential. The position offers flexible work hours, medical and accident insurance, and educational support.
Required Skills
Benefits
Job Description
Sprinto is a leading platform that automates information security compliance. By raising the bar on information security, Sprinto ensures compliance, healthy operational practices, and the ability for businesses to grow and scale with unwavering confidence. We are a team of300+ employees & helping2500+ Customers across75+ Countries. We are funded by top investment partnersAccel, Elevation,and Blume Ventures and have raised 31.8 million USD in funding, including our latestSeries B round.
The Role
We are looking for aProduct Security Engineer to lead efforts in securing our products. This role involves integrating security into the SDLC, conducting threat assessments, and collaborating with engineering teams to ensure secure design and coding practices. You will also manage vulnerability remediation, ensure compliance, and educate teams on security best practices
- Secure SDLC Integration: Embed security into CI/CD pipelines and secure coding practices across development teams.
- Threat Modeling & Risk Assessments: Perform threat assessments and define mitigation strategies for new features.
- Application Security Audits: Conduct security reviews and vulnerability assessments for applications.
- Security Design Reviews: Provide feedback on product designs to ensure security is built in from the start.
- Vulnerability Management: Oversee vulnerability identification, prioritization, and remediation workflows.
- Cross-Functional Collaboration: Work closely with development teams to promote secure coding and operational practices.
- 5–9 years in application security, product security, or related roles.
- Proficient in web application security (OWASP Top 10), secure coding practices, and vulnerability remediation.
- Hands-on experience with security tools (SAST/DAST) and securing cloud environments.
- Familiar with cloud security (AWS, Azure) and container security (Docker, Kubernetes).
- Strong understanding of compliance standards like SOC 2, ISO 27001, and GDPR..
- Remote First Policy.
- 5 Days Working With FLEXI Hours.
- Group Medical Insurance (Parents, Spouse, Children).
- Group Accident Cover.
- Company Sponsored Device.
- Education Reimbursement Policy.
Sprinto
Sprinto is a security compliance automation platform for fast-growing tech companies that want to move fast and win big.
See more jobsSafe Remote Job Search Tips
Verify Employer Thoroughly
Research the company's identity thoroughly before applying. Check for a professional website with contacts, active social media, and LinkedIn profiles. Verify details across platforms and look for reviews on Glassdoor or Trustpilot to confirm legitimacy.
Never Pay to Get a Job
Legitimate employers never require payment for applications, training, background checks, or equipment. Always reject upfront payment requests or demands for bank details, even if they claim it's for purchasing necessary work gear on your behalf.
Safeguard Your Personal Information
Protect sensitive data like SSN, bank details, or ID copies. Share this only after accepting a formal, written job offer. Ensure it's submitted via a secure company system or portal, never through insecure channels like standard email attachments.
Scrutinize Communication & Interviews
Watch for communication red flags: poor grammar, generic emails (@gmail), vague details, or undue pressure. Be highly suspicious of interviews held only via text or chat apps; legitimate companies typically use video or phone calls.
Beware of Unrealistic Offers
If an offer's salary or benefits seem unrealistically high for the work involved, be cautious. Research standard pay for similar roles. Offers that appear 'too good to be true' are often scams designed to lure you into providing information or payment.
Insist on a Formal Contract
Always secure and review a formal, written job offer or employment contract before starting work or sharing final personal details. Ensure it clearly defines your role, compensation, key terms, and conditions to avoid misunderstandings or scams.