Product Security Engineer

Job Description :

The Product Security Engineers work closely with engineering teams to secure our Pluralsight platform. They will work on various Secure SDL programs to help identify security Threats and Vulnerabilities on our platform. Provide recommendations to engineering teams on how to address the vulnerabilities.

Who you’re committed to being :

You enjoy learning and are open to new ways of doing things.

You are not afraid to be yourself, experiment, make mistakes and learn from them, ask questions, or voice your concerns.

When communicating, you are self-aware, insightful, and proactive.

You are a team member first and individual contributor second. You are aware that high-performing teams are only as strong as their weakest link.

You believe in continuous improvement and request frequent feedback from others.

What you’ll do :

Support and enable engineering teams when performing and maintaining threat models and provide mentorship and guidance to engineers

Use knowledge of common risks and vulnerabilities to guide engineering teams in building products

Use and maintain security tooling and processes, such as SAST / DAST tools and vulnerability reporting

Promote and develop a security aware mind set among teams

Record and communicate vulnerability findings and keep records up to date

Automated DevSecOps security checkpoints

Collaborate with engineers through all phases of the SDLC

Experience you’ll bring :

3+ years of professional experience in product security, working with SaaS application & Cloud security.

An engineering graduate with computer science or information technology background.

Strong analytical and problem-solving skills

Good understanding of software development concepts and technologies

Knowledge of programming languages such as JavaScript, Java, C#, and Python

Experience with security tools and technologies such as Web Application Firewall, SAST, and DAST

Experience in performing Penetration testing in identifying security vulnerabilities

Knowledge on OWASP Top 10 / SANS Top 25 vulnerabilities

Experience communicating security threats and application vulnerabilities to technical and non-technical team members

Requirements :

Any Security Certifications like CEH, OSCP will be a plus.

Understanding of AI and LLM models is preferred.

An individual with an aptitude to learn and grow.

Hybrid Work Model : This role follows a hybrid schedule, with on-site work at our Bangalore office two days per week, as agreed up on with your leader. This approach helps us collaborate more effectively, make decisions more quickly, and build a stronger culture, while still providing flexibility.

Why you’ll love working here :

We’re a blended workplace, where team members work remotely or in a hybrid setup depending on their role and location

We’re mission-driven and values-guided.

We have a strong commitment to diversity and belonging.

We cultivate a culture of trust, autonomy, and collaboration.

We’re lifelong learners and champion team member growth and advancement.

We’ve got you covered : team member benefits include competitive compensation packages, medical coverage, unlimited PTO, wellness reimbursements, Pluralsight subscription, professional development funds, and more.

About us :

Pluralsight provides the only learning platform dedicated to accelerating the technology skills and capabilities of today’s tech workforce. Thousands of companies, government organizations and individuals around the world rely on Pluralsight to support critical technology skill development in areas that are crucial to innovation including artificial intelligence, cloud computing, cybersecurity, software development, and machine learning. Pluralsight provides highly curated content developed by vetted technology experts, industry leading skill assessments, and hands on, immersive learning experiences designed to help individuals skill-up faster.

#LI-AT1

#LI-Hybrid