Senior Product Security Engineer - Applications

Are you looking to Optimize your life? Start your exciting path to a rewarding career today!

We are Optimum, a leader in the fast-paced world of connectivity, and we're on the hunt for enthusiastic professionals to join our team! We understand that connectivity isn't just a luxury anymore - it's a necessity that empowers lives, fuels businesses, and drives innovation. A career at Optimum means you'll be enabling progress and enhancing lives by providing reliable, high-speed connectivity solutions that keep the world connected. We owe our success to our amazing product, commitment to our people and the connections we make in every community.

If you are resourceful, collaborative, team-oriented and passionate about delivering consistent excellence, Optimum is the Company for you!

We are Optimum!

Job Summary

The Product Security organization helps Optimum move faster, securely. We're a team of engineers who work to enable other teams to build products as quickly as possible while continuing to protect our customers. We support developers in shipping secure code by building security tools and services, providing security training and expertise, and advocating for best practices in authentication, authorization, and safe data handling across the company.


As a Product Security Engineer focusing on application security, you'll be a trusted partner, collaborating closely with engineering and product teams to ensure security is a cornerstone of every product. You will partner with leadership to shape product strategy, advocate for strong security controls, and influence future product iterations. By leveraging your deep industry knowledge, you'll lead the charge in implementing secure architecture and design principles, ensuring early detection and prevention of vulnerabilities. Your expertise in security assessments and software engineering will help identify and mitigate potential threats, while your mentorship and training efforts will foster a security-first culture.


Responsibilities

• Collaborate with engineering and product teams to integrate security and secure-by-default guardrails into the product lifecycle, ensuring that security is a core consideration in all design and development decisions.
• Conduct Threat Modeling and Risk Assessments from the early stages of the product development lifecycle to identify, assess, and prioritize security risks, enabling proactive mitigation strategies.
• Perform rigorous security testing and reviews to uncover and address security weaknesses.
• Lead initiatives automating security processes from the developer workstation to cloud, SaaS, and datacenter environments.
• Design, build, deploy, and support security-focused solutions across cloud and on-premise footprints.
• Foster a security-first culture by educating and empowering engineering and product teams through training, awareness campaigns, and mentorship, cultivating a strong security mindset.
• Stay updated on the latest security threats, vulnerabilities, and technology trends, and proactively implement improvements.
• Contribute to incident response efforts, investigate root causes, and implement corrective actions to minimize impact and prevent future occurrences.

Qualifications

• Bachelor's degree in Computer Science, Electrical Engineering, a related field, or equivalent professional experience. Master's degree is a plus.
• 5+ years of combined hands-on experience in software engineering and application and infrastructure security, including securing cloud-based and containerized environments.
• Demonstrable experience with product and application security concepts, including API, web, and mobile app security.
• Excellent communication skills, both written and verbal, and the ability to communicate complex security concepts to technical and non-technical audiences, including senior leadership.
• Proven ability to establish credibility and build trust with engineers and operational staff.
• Expertise in conducting comprehensive threat modeling, risk assessments, and code reviews to identify and mitigate vulnerabilities.
• Experience building, deploying, and securing workloads and infrastructure in Google Cloud Platform (GCP).
• Experience utilizing and securing AI/ML models and AI-integrated solutions, a general understanding of AI concepts, AI governance and risk management, and a willingness to learn more.
• Proficient in modern security frameworks, tools, and techniques. Familiarity with security standards and frameworks such as ISO, NIST, OWASP, etc.
• Proficiency in secure SDLC practices, commercial and open-source security testing tools (SAST, DAST, SCA, fuzzing), container security (Docker, Kubernetes), and cloud security (GCP, AWS, Azure).
• Practical experience securing CI/CD pipelines; Infrastructure-as-Code (IaC) tools like Terraform; GitLab and/or Github; artifact management.
• Strong understanding of both human and non-human identity management, enterprise and consumer authentication standards and use cases, and common protocols including OAuth and SAML.
• Experience overseeing vulnerability and threat management at the platform and application levels.
• Strong understanding of cryptography and key management use cases.
• Proficiency in one or more modern programming languages like NodeJS, Golang, Python, Java, and C/C++.
• Familiarity with AI Tools and AI First mindset

Preferred Qualifications:

• Consulting or other practical experience in application security, penetration testing, and/or red teaming.
• Experience with AI-enabled application security programs, security assessments, and penetration testing.
• Experience researching, recommending, and operationalizing AI security products and features.
• Deep knowledge of cloud security, networking security, Android or iOS security, IoT, or Wi-Fi.
• Security or technical conference participation, paper submissions, and public presentations.
• Participation in cyber security and/or open-source software communities.

At Optimum, we're fueled by our four core pillars: Taking Ownership, Upholding Transparency, Creating Community, and Demonstrating Expertise. Our commitment to empowering employees to take responsibility and embrace proactive problem-solving underpins Taking Ownership. Upholding Transparency is at the core of our culture, with open and honest communication fostering trust among our dedicated team and loyal customers. Creating Community is more than a goal; it's our daily commitment to fostering an environment of collaboration, innovation, and positivity. Demonstrating expertise is a promise we uphold through continuous learning and engagement with our customers to consistently deliver top-quality products and services. These pillars not only shape our culture but define Optimum as a place of excellence, trustworthiness, and thriving community, and we invite you to be a part of our journey.

If you have the drive to succeed and are ready to embark on a thrilling career, seize this opportunity today, and join our winning team, so together, we'll shape the future of connectivity.


All job descriptions and required skills, qualifications and responsibilities for a particular position are subject to modification by the Company from time to time, in the Company's discretion based on business necessity.

We are an Equal Opportunity Employer committed to recruiting, hiring and promoting qualified people of all backgrounds regardless of gender, race, color, creed, national origin, religion, age, marital status, pregnancy, physical or mental disability, sexual orientation, gender identity, military or veteran status, or any other basis protected by federal, state, or local law.

The Company collects personal information about its applicants for employment that may include personal identifiers, professional or employment related information, photos, education information and/or protected classifications under federal and state law. This information is collected for employment purposes, including identification, work authorization, FCRA-compliant background screening, human resource administration and compliance with federal, state and local law.

Applicants for employment with The Company will never be asked to provide money (even if reimbursable) as part of the job application or hiring process. Please review our Fraud FAQ for further details.

We appreciate your interest in this opportunity. Applicants must be authorized to work for ANY employer in the U.S. Please note that at this time, we do not provide visa sponsorship for employment.