Staff Product Security Engineer - GRAIL

Key Responsibilities

• Define and drive the product security roadmap, influencing architecture and design decisions across the product lifecycle.
• Conduct threat modeling, security reviews, and code assessments for new and existing features, ensuring alignment with industry best practices.
• Implement and maintain secure development pipelines, integrating automated security testing and remediation in CI/CD environments.
• Partner with engineering, product, and compliance teams to embed security controls into cloud‑native services, primarily on AWS.
• Mentor and coach security engineers and cross‑functional teams, fostering a security‑first culture.

Requirements

• 10+ years of experience in application security, with a proven track record of securing large‑scale, cloud‑based products.
• Deep expertise in threat modeling, secure coding practices, and DevSecOps tooling (e.g., SAST, DAST, IaC scanning).
• Strong programming skills in Python and familiarity with modern development frameworks.
• Extensive experience with AWS security services and designing secure cloud architectures.
• Excellent communication and leadership abilities, capable of influencing senior stakeholders and mentoring technical teams.