Staff Product Security Engineer

Owlet Baby Careposted 3 days ago
Full-time • Senior
Resume Match Score
Upload and Match ResumeTrack Jobs with Teal

About the position

Owlet is changing the world of parenting with meaningful products that truly make a difference for millions around the world. Owlet has helped more than a million parents keep their children safe, while bringing joy and sleep to the parenting journey. We believe every parent deserves the peace of mind that comes with a better understanding of their baby’s needs. We are looking for a seasoned Staff Product Security Engineer to lead and advance our product and application security initiatives. This role demands deep technical expertise across all facets of product security and secure software development. Experience securing medical devices is a significant plus. The ideal candidate will be hands-on, strategic, and serve as a security champion across product engineering teams.

Responsibilities

  • Define and implement product and application security strategies throughout the SDLC.
  • Collaborate with product and engineering teams to design secure architectures for web, mobile, and cloud-based applications.
  • Integrate security best practices into CI/CD pipelines, promote secure coding practices, and conduct secure code reviews and threat modeling sessions.
  • Lead and perform penetration testing, static/dynamic code analysis, and security reviews for internally developed and third-party applications.
  • Develop and maintain automated security testing tools, workflows, and integrations to scale security across product teams.
  • Lead investigation and remediation of security incidents related to products and applications.
  • Support various compliance initiatives such as SOC2, ISO27001, Cyber Resilience Act, US Cyber Trust Mark.
  • Educate engineers on secure development practices, influence engineering culture, and act as a liaison between security and engineering teams.

Requirements

  • B.S. in Computer Science, Cyber Security or a related field.
  • 5+ years of experience in cloud security engineering with a focus on application/product security; experience securing medical devices is a plus.
  • Deep understanding of OWASP Top 10, secure coding, threat modeling, authentication/authorization, cryptography, and cloud-native application security.
  • Strong grasp of NIST CSF and other regulatory frameworks.
  • Experience with Data Governance and Privacy.
  • Certifications CISSP, CSSLP, GWAPT, or equivalent are a plus.
  • Experience with tools like SAST/DAST, SCA, container security, and languages like Python and JavaScript.

Benefits

  • Multiple medical plan options (PPO and High-Deductible with HSA), plus dental, vision, life, and disability coverage.
  • Wellness resources include mental health support, EAP access, and fitness incentives.
  • A competitive 401(k) plan with company match.
  • $500 Work From Home Stipend.
  • Employee stock purchase program and potential equity grants.
  • Generous flexible PTO policy, including Flex Fridays.
  • Paid parental leave (up to 14 weeks).
  • Remote/hybrid work options.
Build your resume with AI

A Smarter and Faster Way to Build Your Resume

Go to AI Resume Builder

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service