Remote Staff Product Security Engineer - Customer Platform

About the Role

We are seeking a seasoned and highly skilled Remote Staff Product Security Engineer - Customer Platform to join our growing team at Valon Tech! As a key security member, you will play a critical role in ensuring the security of our organization's systems, cloud infrastructure, products, and data. This Remote Staff Product Security Engineer position blends product security architecture and technical control implementation, incorporating security by design into ValonOS.

What You'll Do

• Define and evolve product security architecture and strategy for Valon’s multi-tenant SaaS platform.
• Architect and guide secure implementation of customer-facing security capabilities in conjunction with Engineering (e.g., authentication/authorization models, identity integration, access controls, audit and logging, encryption/key management).
• Build and maintain security reference architectures and standardized secure design patterns for product teams.
• Lead threat modeling, security design, and code reviews for new features, services, and major architectural changes.
• Collaborate with Product, Engineering, Data, Compliance, Legal, and other teams to identify and drive mitigation for product and data security risks.
• Support vulnerability triage, remediation strategy, and root cause analysis for product security issues.
• Support security compliance and regulatory needs (e.g., SOC 2, CCPA, NYDFS, FTC), including customer-facing security discussions and due diligence.
• Develop, implement, and enforce security policies, standards, and procedures.
• Support operational activities including security advisory and consultative reviews, incident response, issue remediation, and other security processes.

Requirements

• 8+ years in progressive senior security engineering or architect level roles, with 3+ years leading security design for enterprise-grade cloud and SaaS platforms.
• Bachelor's degree in Information Security, Computer Science, Technology, or related field.
• Relevant security certifications (e.g., CISSP, CISM, CCSK, CCSP or similar).
• Proven ability to design security reference architectures and implement customer platform security controls and technologies (IAM, API security, encryption/key management, logging/monitoring, and others).
• Hands-on experience with modern security technologies and tooling across cloud and application security.

Nice to Have

• Prior software engineering experience and/or coding ability (Python) is preferred.
• Experience working in high-growth or startup environments is a plus.

What We Offer

• Base Compensation Band: $190K - $260K, determined by experience, qualifications, and skills.
• Competitive salary with a meaningful stake in the company via equity and a 401k plan.
• Comprehensive medical, dental, & vision benefits.
• Pre-tax deductions for public transportation, rideshare services, and parking expenses.
• Flexible paid time off, sick days, and 11 company holidays.
• 12 weeks off for both birthing and non-birthing parents - fully paid.