Product Security Engineer, Infrastructure Security

Own Company

Own Company

Other Engineering, Product

Bellevue, WA, USA

Posted on May 8, 2026
Apply now

Description

*IN SCHOOL OR GRADUATED WITHIN THE LAST 12 MONTHS? PLEASE VISIT FUTURE FORCE FOR OPPORTUNITIES*

We're hiring a Product Security Engineer join our Infrastructure Security Team. This role requires the ability to engineer automated guardrails, contribute to "paved path" templates, and assist in maintaining multi-cloud hygiene. This team is responsible for reducing developer toil while enforcing rigorous security configurations.

Responsibilities:

  • Assist in the engineering and deployment of automated policy-as-code controls (e.g., OPA, Checkov) within CI/CD and runtime environments.

  • Support the development and certification of Infrastructure-as-Code (IaC) modules. Ensure Terraform and multi-substrate templates adhere to strict security standards before they reach the engineering lifecycle.

  • Participate in the maintenance of Key Risk Indicator (KRI) dashboards for AWS and GCP. Analyze multi-cloud asset data to identify and remediate privilege escalation paths.

  • Actively identify manual security processes and develop automated scripts or tooling to eliminate them.

  • Contribute to building and maintaining the shared system context, an explicit repository of system designs, constraints, and standards that enables AI to operate accurately and reliably.

Performance Expectations:

  • Do not wait for vulnerabilities to hit production. Proactively identify and block insecure configurations at the development stage.

  • Solutions must minimize false positives. High-noise implementations will be rejected.

  • Do not solve for the single instance. Build for the organization. All solutions must scale across all Salesforce Clouds.

Required Technical Competencies:

  • 2+ years of professional related experience

  • Deep familiarity with Terraform. Must understand how to write and validate secure modules.

  • Functional knowledge of AWS or GCP security configurations. Understanding of IAM, network boundaries, and organizational policies.

  • Experience or strong aptitude for learning OPA (Open Policy Agent) or Checkov to implement preventative controls.

  • Proficiency in Python or Go for automating security signal collection and remediation workflows.

  • Understanding of how to integrate security tooling into automated deployment pipelines without impacting delivery velocity.

  • A demonstrated, genuine AI-first approach to tasks. Using AI to move faster, build fluency across the stack, and contribute well beyond your core specialty.

  • Experience using AI tools (e.g., Claude Code, GitHub Copilot, Codex, Cursor, etc.).

  • Advanced prompt engineering skills and the ability to write precise, structured prompts and cultivate the system context that makes AI outputs reliable, secure, and production-ready.

  • A related technical degree required.

*IN SCHOOL OR GRADUATED WITHIN THE LAST 12 MONTHS? PLEASE VISIT FUTURE FORCE FOR OPPORTUNITIES*

Apply now
See more open positions at Own Company