[Remote] Staff Product Security Engineer
Note: The job is a remote job and is open to candidates in USA. World is building a real human network designed to accelerate people in the age of AI. As a Product Security Engineer, you will be a hands-on technical leader responsible for safeguarding the products and services that power the World project, embedding security into every stage of the development lifecycle.ResponsibilitiesLead secure architecture reviews and threat modeling sessions for new application and cloud servicesEngineer and implement automated security guardrails and reusable libraries to make the secure path the easy path for developersPerform deep-dive, security-focused code and infrastructure reviews in languages like Rust, Go, and PythonOwn the vulnerability management process, from triaging bug bounty submissions to driving remediation efforts with engineering teamsMature and scale our Secure SDLC and bug bounty programs to keep pace with a rapidly growing engineering organizationSkills12+ years of hands-on experience in Product Security, Application Security, or Cloud SecurityProficient in code review and development in languages like Rust, Go, and PythonExtensive experience securing modern AWS architectures and developing secure infrastructure-as-code (e.g., Terraform and CDK)Expert in leading threat modeling sessions and providing actionable guidance to engineering teamsStrong background in implementing and managing security tooling (SAST, DAST, SCA) and embedding security into CI/CD pipelinesDeep understanding of web and API security principles (OWASP Top 10) and have experience securing distributed, mobile-first systemsExperience scaling a security champions programExpertise in Kubernetes (EKS) and container securityParticular interest in securing mobile applications or smart contractsBenefitsCompetitive long-term incentive packageHealthcareDentalVision401(k) plan and matchLife insuranceFlexible time offCommuter benefitsProfessional development stipendCompany OverviewWorld connects users through a privacy-focused network with secure digital asset management. It was founded in 2019, and is headquartered in San Francisco, California, USA, with a workforce of 201-500 employees. Its website is https://world.org.Company H1B SponsorshipWorld has a track record of offering H1B sponsorships, with 1 in 2024. Please note that this does not guarantee sponsorship for this specific role.