Senior Product Security Engineer

About the Job:

As a Senior Product Security Engineer at LaunchDarkly, you’ll help ensure the safety of our customers' data and the resilience of our platform. You’ll be part of a small, high-leverage team focused on building secure systems and enabling secure product development. Your work will directly support the business by helping developers move fast without sacrificing security through automation, guidance, and engineering.

We’re looking for someone who is a systems thinker - that can spot broad patterns, identify systemic weaknesses, and drive long-term improvements. You have a track record of building relationships, partnering, and mentoring across teams and levels, from engineers to executives. You think strategically and act pragmatically, balancing business objectives with security needs. You’re motivated by building a culture of security that enables innovation rather than slowing it down.

You’ll report to the Director of Security and work closely with software engineers, product managers, and other security engineers to reduce the risk of unwanted security outcomes across LaunchDarkly’s platform.

Responsibilities:

• Serve as a senior advisor to Product and Engineering teams, providing expert guidance on secure design, architecture, and implementation.
• Lead complex security reviews for new products, features, and integrations - helping teams identify risks early and build resilient solutions.
• Drive and own cross-functional security initiatives (e.g., secure development standards, dependency management, bug bounty program management, threat modeling exercises).
• Anticipate and address emerging risks, providing leadership in prioritizing and remediating critical vulnerabilities.
• Mentor other engineers, security champions, and stakeholders to raise LaunchDarkly’s overall security posture.
• Partner with Security leadership to develop security metrics, reporting, and strategy - making sure that security is measurable and tied to business outcomes.
• Act as a key contributor to incident response, root cause analysis, and lessons-learned activities.
• Represent security in cross-organizational forums, influencing decisions that shape product roadmaps and technical direction.

Qualifications:

• Have 5+ years of experience in application security, product security, or a related role
• Have strong software engineering skills and can write & review secure, maintainable code in at least one modern programming language (e.g., Go, Python, JavaScript/TypeScript)
• Can demonstrate proactive approaches to security that have effectively improved team productivity by reducing reactive work 
• Know how to effectively integrate security into the software development lifecycle, including build piрelines and developer tooling
• Have experience with leveling up other engineering teams by improving their security awareness and practical skills that help to avoid security bugs in production
• Communicate clearly and work effectively across teams, building relationships and collaborating with product managers, developers, and infrastructure teams
• Are self-directed and comfortable in fast-moving or ambiguous environments — you can identify problems and lead the way to solve them
• Ready to jump into an active product & application security program with a great team, looking for ways to support existing team members and innovate the program further
• Have experience securing cloud-native applications (especially on AWS), including modern infrastructure-as-code, microservices, and service mesh environments
• Understand the types of security issues common in SaaS platforms (e.g., SSRF, IDOR, SQL injection, XSS, etc.) and know how to discover them early and address the root causes
• Familiar with common security frameworks (e.g. OWASP Top 10, CWE Top 25, CIS Critical Security Controls, BNGO Framework, MITRE ATT@CK Framework)

About LaunchDarkly:

Modern software delivery was supposed to be the foundation for a thriving digital business but reality has proven otherwise. Slow, inefficient development cycles, costly outages, and fragmented customer experiences are preventing developers from building their best software. The LaunchDarkly platform helps developers innovate on new features faster while protecting them with a safety valve to instantly rewind when things go wrong. Developers can target product experiences to any customer segment and maximize the business impact of every feature. And by gradually rolling out new application components, they escape nightmare "big-bang" technology migrations. 

The LaunchDarkly platform was built to guide engineers to the next frontier of DevOps by:

• Improving the velocity and stability of software releases, without the fear of end customer outages
• Delivering targeted experiences by easily personalizing features to customer cohorts
• Maximizing the business impact of every feature through the ability to experiment and optimize
• Coordinating the release and optimization of software to provide consistent experiences across mobile platforms and device types
• Improving the effectiveness and productivity of engineering teams, by providing insights into engineering cadence and stability

At LaunchDarkly, we believe in the power of teams. We're building a team that is humble, open, collaborative, respectful and kind. We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, gender identity, sexual orientation, age, marital status, veteran status, or disability status. LD invites any applicant to review our written Affirmative Action Plan. To do so, contact People Ops at [email protected]. 

Learn more about the interview process & what it’s like to work with LaunchDarkly's Product Delivery team!

Do you need a disability accommodation?

Fill out this accommodations request form and someone from our People Operations team will contact you for assistance.