Apply

Ready to go for it?

AI Apply speeds things up—apply directly if you prefer.

FREE ACCESS
5,000–10,000 jobs/day
JobTailor Logo

See all jobs on JobTailor

Search thousands of fresh jobs every day.

Discover
  • Fresh listings
  • Fast filters
  • No subscription required
Create a free account and start exploring right away.
Cherry

Senior Product Security Engineer

Cherry

Product Security Engineer ensuring security in FinTech products while collaborating with engineering teams. Leading security initiatives and best practices in a remote environment.

Posted 4/30/2026full-timeRemote • 🇺🇸 United StatesSeniorWebsite

Tech Stack

Tools & technologies
AWSCloudSDLC

About the role

Key responsibilities & impact
  • Partner with product and engineering teams to perform security design reviews and threat modeling for new and existing features across Cherry's platform.
  • Own and evolve Cherry's product security program — including secure coding standards, vulnerability management, and security testing processes.
  • Lead security reviews for authentication and authorization systems, ensuring robust access control patterns across our web and mobile products.
  • Assess and improve the security posture of Cherry's cloud infrastructure including network controls, IAM policies, secrets management, and container security.
  • Champion security best practices for payment processing, financial and health data handling, in alignment with PCI DSS and relevant compliance frameworks.
  • Conduct or coordinate penetration tests, red team exercises, and bug bounty triage; drive remediation of identified vulnerabilities.
  • Build and maintain security tooling integrated into the SDLC - SAST, DAST, dependency scanning, and runtime protection.
  • Respond to security incidents, perform root cause analysis, and implement lasting fixes to prevent recurrence.
  • Educate and mentor engineers on security principles, fostering a culture of security ownership across the organization.
  • Monitor the threat landscape for emerging risks relevant to FinTech and healthcare-adjacent payment products.

Requirements

What you’ll need
  • 4+ years of experience in product security, application security, or a related security engineering role.
  • Deep expertise in authentication and authorization — including OAuth 2.0, OIDC, JWT, SAML, RBAC/ABAC models, and session management.
  • Hands-on experience securing cloud environments (AWS preferred), including IAM, VPC, container orchestration (EKS/ECS), and infrastructure-as-code.
  • Strong understanding of secure software development practices — OWASP Top 10, threat modeling (STRIDE or similar), secure code review, and vulnerability remediation.
  • Experience integrating security tooling (SAST, DAST, SCA) into CI/CD pipelines.
  • Excellent communication skills — able to articulate security risk clearly to both technical and non-technical stakeholders.
  • Proven ability to work cross-functionally in a fast-paced, high-growth engineering environment.

Benefits

Comp & perks
  • Competitive Base + Bonus
  • Generous equity grant
  • Medical, vision, and dental benefits
  • Fully remote company
  • Flexible PTO

ATS Keywords

✓ Tailor your resume
Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools
product securityapplication securityauthenticationauthorizationcloud securitysecure software developmentvulnerability managementpenetration testingsecurity tooling integrationroot cause analysis
Soft Skills
communicationmentoringcross-functional collaborationsecurity ownership