Senior Product Security Engineer

About the Role

As a Product Security Engineer at Built, you will play a critical role in securing our platform, data, and AI initiatives. You’ll work hands-on with engineering teams to design secure architectures, embed security into the SDLC, and drive technical excellence across our cloud-native environment. This role blends deep technical security expertise, practical engineering experience, and strong cross-functional collaboration to help Built deliver secure, resilient, and trustworthy products to our customers.

What You’ll Do

Secure Architecture & Engineering

• Lead the design and implementation of secure architectures for Built’s applications, services, and AI/ML initiatives.
• Embed security throughout the development lifecycle by partnering with engineering teams on threat modeling, secure coding best practices, and design reviews.
• Conduct technical security reviews—including code assessments, dependency analysis, and architectural risk evaluations—to proactively identify and remediate vulnerabilities.

AI / ML Security

• Champion secure and responsible AI usage across Built’s product ecosystem.
• Drive security controls that address AI-specific risks such as prompt injection, data poisoning, insecure model integrations, and model-exploitation paths.
• Guide engineering and product teams on safe deployment patterns, monitoring, and ongoing validation of AI systems.

Offensive Security & Testing

• Perform internal penetration testing of applications, networks, and features to uncover weaknesses before attackers do.
• Support planning and execution of external third-party penetration tests, ensuring findings are triaged and addressed effectively.

Incident Response & Risk Management

• Participate in application-security–focused incident response activities, including investigation, containment, and root-cause analysis.
• Conduct ongoing security research and maintain awareness of emerging threats, especially those relevant to cloud-native systems and AI/ML technologies.

Enablement, Leadership & Culture

• Mentor engineers and security team members, driving adoption of security-first principles and scalable secure-by-default patterns.
• Influence cross-functional teams through technical leadership, helping define security standards, guardrails, tooling, and long-term security strategy.
• Promote a culture of high trust, continuous learning, and technical excellence.

Qualifications

Required

• 10 years of deep technical expertise in application security and secure software development practices.
• Strong understanding of modern distributed systems, APIs, cloud-native architectures, and microservices.
• Experience with AI/ML security concepts, including risks such as prompt injection, data poisoning, and insecure model integrations.
• Hands-on experience with security tooling and automation (SAST/DAST, dependency scanning, IaC scanning, observability, runtime monitoring).
• Ability to conduct technical security reviews, threat modeling, and architectural risk assessments.
• Proven ability to mentor and influence engineering teams to adopt secure-by-default practices.
• Strong analytical and problem-solving skills with the ability to balance security rigor and product velocity.
• Excellent communication skills with the ability to articulate complex risks to both technical and non-technical stakeholders.

Preferred

• Experience securing financial data, high-risk data flows, or data-intensive platforms.
• Experience with AWS cloud security, Kubernetes, and container security.
• Familiarity with CI/CD pipeline tooling such as GitHub Actions or Rundeck.
• Experience with Snowflake or similar data warehousing technologies.
• Understanding of regulatory and compliance frameworks relevant to AppSec and AI security (e.g., SOC 2, NIST).
• Background in offensive security or penetration testing (internal or third-party coordination).
• Experience supporting incident response, root-cause analysis, and security research.

How This Role Elevates Built to the Next Level

• Secure AI Innovation: As Built invests more heavily in AI-driven workflows, secure AI systems become foundational. This role ensures our AI features are safe, robust, and trusted by customers and regulators alike.
• Scalable Secure Engineering: By embedding security in the SDLC—rather than at the end—you’ll help transform security into a natural part of how we build software.
• Reduced Risk, Faster Delivery: Your expertise eliminates systemic vulnerabilities early, reducing future incidents and enabling teams to ship faster with confidence.
• Elevating Built’s Trust Posture: Strong product security directly reinforces our brand, especially in financial services where trust is everything.

Why This Role Is Mission-Critical for Built

• We handle financial data—a high-value target requiring best-in-class protection
• Our platform is evolving rapidly with AI and cloud-native architectures, both high-risk domains
• Customers, auditors, and regulators expect strong AppSec rigor
• Secure products = trusted products, which is critical for SaaS adoption in the finance industry
• This person is the technical backbone ensuring Built’s products remain secure, resilient, and trustworthy, enabling us to scale confidently while pioneering new capabilities—especially in AI.

 

Built’s salary range for this position is $120,000-$185,000 USD per year. The pay range is designed to accommodate upward mobility in the role, therefore it encompasses the full span of proficiency levels for this role and we believe that the midpoint of the range is competitive in the market. Salary is just one component of Built's total compensation package for employees. Your total rewards package at Built will include equity, top-notch medical, dental and vision coverage, an unlimited PTO policy, and other benefits.