Product Security Engineer

Movable InkNew York City, NY
7d$170,000 - $200,000
Match Resume

About The Position

Movable Ink scales content personalization for marketers through data-activated content generation and AI decisioning. The world’s most innovative brands rely on Movable Ink to maximize revenue, simplify workflow and boost marketing agility. Headquartered in New York City with close to 600 employees, Movable Ink serves its global client base with operations throughout North America, Central America, Europe, Australia, and Japan. Movable Ink is hiring a Product Security Engineer to help secure our codebases, CI/CD pipelines, and development practices. To succeed in this role, you'll balance a security-first mindset with a practical understanding of how engineering teams ship software—finding ways to reduce risk without slowing down delivery. This is a hands-on opportunity to build and improve the automation that keeps our code and infrastructure safe, working closely with both the Security and Engineering teams. As AI coding tools and supply chain attacks increase risk across the industry, this role is critical to staying ahead of vulnerabilities before they reach production.

Requirements

  • 2+ years of experience in application security, DevSecOps, or a security-focused software engineering role
  • Hands-on experience with SAST, SCA, or secrets scanning tools (Semgrep, Dependabot, Snyk, or similar)
  • Familiarity with CI/CD pipelines and GitHub Actions
  • Understanding of common web application vulnerabilities (OWASP Top 10) and how to detect/prevent them
  • Experience reading and reviewing code in at least one language (Ruby, Python, JavaScript, or Go preferred)
  • Comfortable navigating codebases and working with engineering teams to explain and prioritize security findings
  • Strong written communication skills for documentation and customer-facing security responses
  • Self-motivated and able to manage competing priorities in a fast-paced environment

Responsibilities

  • Implement and maintain static application security testing (SAST) using Semgrep across our repositories
  • Configure and improve software composition analysis (SCA) tooling (Dependabot) to identify vulnerable dependencies
  • Manage secrets detection scanning (Trufflehog) and respond to findings
  • Integrate security scanning into CI/CD pipelines (GitHub Actions) to catch issues before code is merged
  • Triage and prioritize vulnerability findings, working with engineering teams to drive remediation
  • Support dynamic application security testing (DAST) efforts using tools like ZAP
  • Contribute to our Application Security Posture Management (ASPM) platform to centralize findings and track remediation
  • Set up and configure automation scripts to support our vulnerability management practices
  • Document secure coding guidelines and help educate developers on security best practices
  • Evaluate and recommend new security tools as the landscape evolves

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume

What This Job Offers

Job Type

Full-time

Career Level

Mid Level

Education Level

No Education Listed

Number of Employees

501-1,000 employees

Job Search Resources

Similar Product Security Engineer job opportunities

Security Engineer, Product Security
Aircall
Aircall • Seattle Office, WA10d • $140,000 - $165,000
Security Engineer, Product Security
Aircall
Aircall • Seattle, WA11d
Product Security Engineer
Boeing
Boeing • Hazelwood, MO9d • $130,000 - $140,000
Product Security Engineer
Qube Research & Technologies
Qube Research & Technologies • New York, NY2d
Product Security Engineer
Gecko Robotics
Gecko Robotics • New York, NY1d
Product Security Engineer
Gecko Robotics
Gecko Robotics • Boston, MA2d • Onsite
Explore More Jobs

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service