1

Product Security Code Review Engineer Jobs in Colorado

Programming Languages (Ruby, Go, Rust, JavaScript), Cloud Armor WAF, Static Application Security ... code reviews of new features and bug fixes Complete security assessments of new products, services ...

Product Security Engineer

Denver, CO · On-site

$185K - $220K/yr

When a strategic security initiative spans application code, cloud infrastructure, identity, and ... Perform architecture reviews, threat modeling, and security design reviews across applications ...

New

Senior Application Security Engineer

Broomfield, CO · On-site

$59.25 - $79/hr

Programming Languages (Ruby, Go, Rust, JavaScript), Cloud Armor WAF, Static Application Security ... code reviews of new features and bug fixes • Complete security assessments of new products ...

Senior Application Security Engineer

Broomfield, CO · On-site

$59.25 - $79/hr

Programming Languages (Ruby, Go, Rust, JavaScript), Cloud Armor WAF, Static Application Security ... code reviews of new features and bug fixes ● Complete security assessments of new products ...

Collaborate cross-functionally with firmware, hardware, and product teams to ensure security ... Familiarity with AI-assisted developer tools for coding, testing, and code review (with human ...

Senior Product Security Engineer

Denver, CO

$117K - $161K/yr

Perform security architecture reviews for complex CI/CD, cloud, and Kubernetes environments ... Experience implementing GitOps workflows and securing infrastructure-as-code (Terraform ...

Sr. Application Security Engineer

Denver, CO · On-site

$60.50 - $80.75/hr

This role partners directly with product, engineering, architecture, DevOps, cloud, and security ... reviews, threat modeling, secure coding practices, vulnerability management, CI/CD security ...

Sr. Application Security Engineer

Denver, CO

$60.50 - $80.75/hr

This role partners directly with product, engineering, architecture, DevOps, cloud, and security ... reviews, threat modeling, secure coding practices, vulnerability management, CI/CD security ...

Sr. Application Security Engineer

Denver, CO · On-site

$60.50 - $80.75/hr

This role partners directly with product, engineering, architecture, DevOps, cloud, and security ... reviews, threat modeling, secure coding practices, vulnerability management, CI/CD security ...

next page

Showing results 1-20

Product Security Code Review Engineer information

What are the key skills and qualifications needed to thrive as a Product Security Code Review Engineer, and why are they important?

To thrive as a Product Security Code Review Engineer, you need a deep understanding of secure coding practices, software development lifecycles, and vulnerability assessment, typically backed by a degree in computer science or a related field. Familiarity with static and dynamic analysis tools, code review platforms, and certifications like CISSP or OSCP is highly valuable. Strong analytical thinking, attention to detail, and effective communication are crucial soft skills for explaining security findings and collaborating with development teams. These skills and qualities are vital to identify, communicate, and mitigate security risks in code, ensuring the overall resilience of software products.

What are some typical challenges faced by Product Security Code Review Engineers when coordinating with development teams?

Product Security Code Review Engineers often encounter challenges in balancing security priorities with project timelines and developer workflows. Effective communication is essential, as engineers must clearly explain vulnerabilities and remediation steps to developers who may have varying levels of security expertise. Additionally, they need to ensure that security recommendations are practical and align with the product's architecture, all while fostering a collaborative environment rather than creating bottlenecks. Building strong relationships with development teams and understanding their processes helps streamline secure code adoption and continuous improvement.

What is the difference between Product Security Code Review Engineer vs Software Security Engineer?

AspectProduct Security Code Review EngineerSoftware Security Engineer
Primary FocusReviewing and analyzing source code for security vulnerabilities in productsDesigning and implementing security measures across software systems
Skills & CertificationsSecure coding, code review, security standards (e.g., OWASP), certifications like CSSLPSecurity architecture, threat modeling, secure coding, certifications like CISSP
Work EnvironmentCollaborates with development teams during product developmentWorks on system-wide security strategies and architecture
Industry UsageCommon in product-based companies, especially in tech and cybersecurityFound in organizations focusing on overall security infrastructure

While both roles focus on security, the Product Security Code Review Engineer primarily reviews source code for vulnerabilities in specific products, whereas the Software Security Engineer develops and implements security strategies across software systems. The roles often overlap but differ in scope and focus.

What is a Product Security Code Review Engineer?

A Product Security Code Review Engineer is a cybersecurity professional responsible for analyzing and reviewing application source code to identify and mitigate security vulnerabilities. They work closely with development teams to ensure secure coding practices, review code for compliance with security standards, and recommend fixes for potential security issues. Their goal is to prevent security breaches by catching vulnerabilities early in the software development lifecycle.
What are popular job titles related to Product Security Code Review Engineer jobs in Colorado? For Product Security Code Review Engineer jobs in Colorado, the most frequently searched job titles are:
What job categories do people searching Product Security Code Review Engineer jobs in Colorado look for? The top searched job categories for Product Security Code Review Engineer jobs in Colorado are:
What cities in Colorado are hiring for Product Security Code Review Engineer jobs? Cities in Colorado with the most Product Security Code Review Engineer job openings:
Senior Application Security Engineer

Senior Application Security Engineer

Recurly

Broomfield, CO

$59.25 - $79/hr

Full-time

Medical, Dental, Vision, Life, Retirement

Posted 16 hours ago


Job description

As a member of the Application Security team, you will help prevent and mitigate vulnerabilities by collaborating with the rest of the organization and contributing product security enhancements. You will represent the organization to external security researchers via our Bug Bounty program, use a variety of tools to identify and manage application vulnerabilities, perform risk assessments, and work with developers to prevent security problems before they happen. This position will require a close working relationship with our development teams and their management to be successful. This is a highly visible role in the company to ensure that Recurly remains ahead of emerging application threats.

Technology/Services you will use: 

Programming Languages (Ruby, Go, Rust, JavaScript), Cloud Armor WAF, Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST) tools, Software Composition Analysis (SCA) tools, Bug Bounty Programs, Containers, Git and similar.

The Application Security team shares the following responsibilities. The ideal candidate will be flexible and prepared to contribute across all of these areas as needed:

Manage the end-to-end engineering and integration of AI/ML-driven security solutions into our DevSecOps pipeline and existing application security processes to maximize efficiency and coverage

Architect, build, and maintain the infrastructure and tooling necessary to successfully deploy and operate new AI-powered security capabilities

Proactively evaluate, pilot, and champion innovative ways to leverage artificial intelligence for vulnerability detection, threat modeling, and risk assessment optimization

Use threat modeling to provide security guidance to Engineers

Deliver secure development training

Complete security code reviews of new features and bug fixes

Complete security assessments of new products, services, and vendors

Perform risk assessments to add items to the security backlog and prioritize that backlog

Triage, reproduce, and work with application teams to fix bug bounty and pentest findings

Review security posture and roadmap, make suggestions, and bring new ideas to the table

Implement tooling into the DevSecOps pipeline to automate security testing

Coordinate with SecOps to ensure that incident response plans for application-related incidents are up-to-date and valid

Respond to incidents for high severity application vulnerabilities

Implement Product Security features to increase the overall security of the application

Triage and manage the results of automated scanning tools

Conduct penetration tests on significant code changes being released

Requirements

Strong candidates should possess a blend of experience in the following:

Developing in multiple programming languages

Collaborating closely with development teams in a DevSecOps environment

Managing Bug Bounty programs

Demonstrated experience engineering and managing the integration of AI/ML models or tools into security pipelines (DevSecOps).

Enthusiasm for exploring and implementing emerging technologies, specifically AI, to solve complex security challenges and increase team efficiencyUsing Static and Dynamic Code Analysis tools

Building security checks into the CI/CD pipeline

Conducting application analysis with Burp Suite

Working with Terraform, Graylog, GCP, and Kubernetes

Performing website application penetration testing

Benefits

As a full-time employee, Recurly offers competitive benefits programs, perks and options designed to fit your needs and the needs of your family. We offer medical, dental and vision benefits and a menu from which to choose options that work best for you and eligible dependents. We also offer life insurance, short and long-term disability, hospital indemnity, critical illness coverage, employee accident protection, health savings account (HSA) with company contribution & flexible spending account (FSA) options, employee assistance program, Legal and Pet Insurance.

Other perks may include:

401(k) Retirement Plan and company match

Flex Time Off

Company Events

Training/Development

Tuition reimbursement

Commuter benefits

Volunteer opportunities

Recurly is an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to gender, age, race, religion, or any other classification which is protected by applicable law. Recurly is committed to providing reasonable accommodations for candidates with disabilities in our recruiting process. If you need any assistance or accommodations due to a disability, please let us know at talent@recurly.com