Senior Product Security Engineer - Remote

About the Role

We are seeking a Senior Product Security Engineer to join our team remotely at TRM Labs. As a Senior Product Security Engineer, you will play a crucial role in ensuring the security of our products and infrastructure. Your expertise will help us build a safer world for billions of people by tackling critical challenges such as human trafficking and financial fraud. This role is vital as you will be responsible for leading application security reviews and threat modeling, ensuring that our products are secure from development through deployment.

What You'll Do

• Lead application security reviews, including secure code review and architectural design.
• Develop automated testing processes and mature our Secure SDLC.
• Own and manage application security vulnerability management.
• Coordinate penetration testing engagements to identify and mitigate risks.
• Support software engineers by developing application security best practices.
• Maintain and enhance the bug bounty program to encourage proactive security measures.
• Foster a culture of security across the organization by training engineering teams on secure coding practices.
• Integrate security early in the development process to ensure that security protocols are followed throughout the product lifecycle.

Requirements

• Minimum 8 years of experience in software development and testing.
• BS in Computer Science, Computer Engineering, or a related field.
• Proficiency in programming languages such as Python, NodeJS, and React.
• Strong understanding of encryption, authentication, and authorization protocols.
• Deep experience with common software flaws and security testing methodologies.
• Professional experience with security solutions for cloud providers like GCP and AWS.
• Experience with security tools such as GitHub Advanced Security, SAST, DAST, and SCA tools.
• Excellent written and verbal communication skills.

Nice to Have

• Security certifications such as OSCP, CEH, or GWAPT.
• Familiarity with security frameworks like NIST SP 800-171 SSDF.
• Experience with web application testing frameworks such as BurpSuite and OWASP ZAP.

What We Offer

• Competitive salary range of $215,000 - $230,000 per year.
• Opportunity to participate in TRM’s equity plan.
• Flexible remote work environment.
• Collaborative and respectful team culture.
• Ongoing professional development and training opportunities.
• Work on impactful projects that protect civilization.
• Engage in a fast-paced, high-velocity work environment.
• Be part of a mission-driven team that values innovation and security.