Omilia
Tech / AI / Software
SeniorProductSecurityAnalyst
Neural analysis suggests this role is
optimal for Senior candidates.
“Senior Product Security Analyst at Omilia. Skills: Product Security, Application Security, Threat Modeling, Vulnerability Management, Secure SDLC, Risk Assessment, Cloud-Native SaaS Security. Safeguard products, platforms, and customers.. Independently identify, assess, and drive resolution of security risks across the product lifecycle.”
Industry & Context.
Independent technical and risk judgment; Challenging assumptions; Driving remediation
What They're Looking For.
Must Have
5+ years of experience in application security, product security, or a closely related domain., practical understanding of secure SDLC, application security principles (e. g. , OWASP Top 10), threat modeling, vulnerability management, and security risk assessment., Demonstrated experience owning end-to-end security reviews for applications or products, including release decision support., Hands-on familiarity with application security testing approaches (SAST, DAST, SCA), with the ability to interpret findings and assess real-world risk., Experience working with cloud-native SaaS environments, preferably AWS, including API driven and microservice based architectures., Working knowledge of PCI DSS and GDPR, with experience translating security and compliance requirements into engineering practices., Ability to apply independent technical and risk judgment, including challenging assumptions and driving remediation., communication skills, capable of engaging both engineers and business stakeholders., Experience working in agile or iterative development environments., verbal and written communication skills in English., Willingness to collaborate across distributed teams and time zones with reasonable flexibility.
Nice to Have
Bachelor’s or Master’s degree in Computer Science, Information Security, or a related technical field., Relevant certifications such as CCSP, CSSLP, AWS Certified Security, or AWS Solutions Architect., Experience with manual application security testing, secure design reviews, or API security analysis., Exposure to customer-facing SaaS platforms with regulatory or data protection requirements., Familiarity with AI-enabled or data-intensive systems, including emerging application security and privacy considerations., Experience contributing to the evolution of security standards, review patterns, or guardrails across multiple teams or products., Background in quickly evolving organizations that rapidly scale and mature security and compliance practices.
What You'll Do.
Independently identify
and drive resolution of security risks across the product lifecycle.
Act as the primary application and product security owner for assigned products.
Partner closely with engineering
Embed application-focused security practices into design and delivery.
Exercise sound technical and risk judgment in release decisions.
and resilience of product security capabilities.
Own end-to-end security reviews from design through release.
Lead application-focused security assessments
including architecture reviews
and secure design validation.
Independently assess security risk and approve
Provide authoritative
risk-based guidance to engineering teams.
Own vulnerability triage and prioritization for assigned products.
Interpret results from application security testing activities.
Monitor relevant external threats
and vulnerability trends.
Support investigation and remediation of product- and application-related security incidents.
Partner with engineering
and cloud teams to embed secure-by-design practices into the SDLC.
Apply hands-on technical judgment to validate engineering assumptions
challenge risk decisions
and ensure security controls are implemented effectively.
Contribute to the evolution of application security standards
and review practices.
Support alignment of application and product security practices with applicable frameworks such as PCI DSS and GDPR.
Translate internal controls into actionable engineering requirements.
Support evidence collection for audits and assessments.
Coordinate and support penetration testing
and third-party security assessments.
Ensure timely remediation and risk closure.
How You'll Work.
Team & Collaboration
Partnering closely with engineering, product management, cloud, and platform teams.; Building trusted, durable relationships with product, engineering, cloud, platform, and CGRC teams.; Clearly articulating security risk, trade-offs, and remediation options to both technical and non-technical stakeholders.; Collaborating across distributed teams and time zones.
Communication Scope
communication skills, capable of engaging both engineers and business stakeholders.; verbal and written communication skills in English.; Clearly articulate security risk, trade-offs, and remediation options to both technical and non-technical stakeholders.
Full Job Description
We are seeking a highly capable and pragmatic Senior Product Security Analyst to safeguard our products, platforms, and customers as we scale. This is a senior individual contributor role with clear accountability and decision-making authority, responsible for independently identifying, assessing, and driving resolution of security risks across the product lifecycle. Reporting to the Director, Product Security, you will act as the primary application and product security owner for assigned products, partnering closely with engineering, product management, cloud, and platform teams. You will embed application-focused security practices into design and delivery, exercise sound technical and risk judgment in release decisions, and play a key role in advancing the maturity, consistency, and resilience of our product security capabilities in a fast-growing environment. ### Product & Application Security Ownership * Act as the primary application and product security partner for assigned products and services, owning end-to-end security reviews from design through release. * Lead application-focused security assessments, including architecture reviews, threat modeling, and secure design validation for APIs, microservices, and SaaS platforms. * Independently assess security risk and approve, delay, or block releases when required, escalating decisions where business urgency or customer commitments necessitate alignment. * Provide authoritative, risk-based guidance to engineering teams, helping them understand not just what needs to be fixed, but also include security and risk context. ### Application Security & Vulnerability Management * Own vulnerability triage and prioritization for assigned products, ensuring findings are contextualized based on exploitability, exposure, and business impact. * Interpret results from application security testing activities (SAST, DAST, SCA, manual reviews), translating technical findings into actionable remediation guidance. * Monitor re
Applying for this Senior Product Security Analyst role?
Most applicants get filtered before a human reads their resume. See if yours makes the cut.
ANONYMOUS · UNFILTERED
What do employees actually say about Omilia?
Real rants from real employees. Read before you apply.