Staff Product Security Engineer - Customer Platform

About This Role

As a Staff Product Security Engineer, you will ensure the security of Valon's systems, cloud infrastructure, products, and data by designing and implementing secure capabilities for ValonOS, an AI-native operating system for regulated finance.

Responsibilities

• Define and evolve product security architecture and strategy for Valon’s multi-tenant SaaS platform
• Architect and guide secure implementation of customer-facing security capabilities (e.g., authentication, authorization, identity integration, access controls, audit and logging, encryption, key management)
• Build and maintain security reference architectures and standardized secure design patterns for product teams
• Lead threat modeling, security design, and code reviews for new features, services, and major architectural changes
• Collaborate with Product, Engineering, Data, Compliance, Legal, and other teams to identify and drive mitigation for product and data security risks
• Support vulnerability triage, remediation strategy, and root cause analysis for product security issues
• Support security compliance and regulatory needs (e.g., SOC 2, CCPA, NYDFS, FTC), including customer-facing security discussions and due diligence
• Develop, implement, and enforce security policies, standards, and procedures
• Support operational activities including security advisory and consultative reviews, incident response, issue remediation, and other security processes

Requirements

• Extensive experience in product security, application security, or security architecture roles
• Ownership of security design for SaaS platforms including multi-tenancy and customer-facing security capabilities
• Strong background in cloud security and modern infrastructure, with hands-on experience securing cloud environments (GCP preferred)
• Proven experience in SaaS IAM and tenant security (e.g., authentication/authorization, RBAC, SSO/SAML/OIDC, SCIM, MFA, audit logs)
• Expertise in designing secure platform controls (e.g., APIs, service-to-service auth, encryption/KMS/CMEK, logging/monitoring)
• Demonstrated ability to build and maintain security reference architectures
• Expert-level experience leading threat modeling and security design reviews including security-focused code reviews
• Applied knowledge with industry security and compliance frameworks (OWASP, NIST, CIS, SOC 2/ISO 27001 concepts)
• Highly hands-on engineer with proven ability to operate autonomously, drive multiple complex cross-functional efforts, and influence independently
• Excellent communication and collaboration skills
• Proven ability to design security reference architectures and implement customer platform security controls and technologies
• Hands-on experience with modern security technologies and tooling across cloud and application security

Qualifications

• Bachelor's degree in Information Security, Computer Science, Technology or related field
• 8+ years in progressive senior security engineering or architect roles, with 3+ years leading security design for enterprise-grade cloud and SaaS platforms

Nice to Have

• Prior software engineering experience and/or coding ability (Python)
• Experience working in high-growth or startup environments

Skills

* Required skills

Benefits

Certifications