1

Product Security Code Review Engineer Jobs in Colorado

Director of Security

Denver, CO · On-site

$180K - $220K/yr

... code review standards, and developer enablement * Run vulnerability management, identity, and ... Background in product security or AppSec at a platform-tier product * Experience with low-code/no ...

Director of Security

Denver, CO · On-site

$180K - $220K/yr

... modeling, code review standards, and developer enablement • Run vulnerability management ... products • Experience integrating AI tools into security workflows (detection, response, GRC ...

Director - Product Security

Denver, CO · On-site +1

$239K - $251K/yr

Partner with R&D, Engineering, Quality, Regulatory Affairs, and Legal teams to embed security practices and ensure a comprehensive approach to product safety. * Serve as the primary security ...

Senior Product Security Engineer

Golden, CO · On-site

$118K - $162K/yr

The Senior Product Security Engineer will have a strong ownership stake to ensure Allegion's systems are reliable, scalable, high-performing, economical, and secure. The position reports to the ...

The engineer partners with product, security, and operations to design resilient platforms, reduce ... code quality with rigorous reviews, and mentor team members with constructive feedback.

... product development teams to ensure a high standard of quality, security, and data privacy across the fullsystemlifecycle. TheSeniorProductSecurity Engineer will have a strong ownership stake to ...

... reviews, security requirements, secure coding practices, and automated security controls. * Coach and mentor engineers throughout Allegion's global product engineering and software operations on ...

... and code review you touch. * Collaborate across the stack. Partner with Product, Security, and ... engineering teams to deliver identity and notification capabilities that unlock the rest of the ...

Principal Security Engineer

Englewood, CO · On-site

$180K - $220K/yr

... reviews, and serve as a credible peer to product security engineering leaders. Basic Qualifications ... * 10+ years in security engineering or architecture, including 3+ years as a principal architect or ...

Senior Security Engineer

Denver, CO

$117K - $161K/yr

... code review, and documentation. * Flexibility and confidence to work across multiple security ... products we develop and ensuring we keep our customers' valuable data secure. This sense of ...

Review reported anomalies, assess cybersecurity impact, and support incident-response activities as ... Ability to collaborate across hardware, software, systems, product security, quality, regulatory ...

next page

Showing results 1-20

Product Security Code Review Engineer information

What are the key skills and qualifications needed to thrive as a Product Security Code Review Engineer, and why are they important?

To thrive as a Product Security Code Review Engineer, you need a deep understanding of secure coding practices, software development lifecycles, and vulnerability assessment, typically backed by a degree in computer science or a related field. Familiarity with static and dynamic analysis tools, code review platforms, and certifications like CISSP or OSCP is highly valuable. Strong analytical thinking, attention to detail, and effective communication are crucial soft skills for explaining security findings and collaborating with development teams. These skills and qualities are vital to identify, communicate, and mitigate security risks in code, ensuring the overall resilience of software products.

What are some typical challenges faced by Product Security Code Review Engineers when coordinating with development teams?

Product Security Code Review Engineers often encounter challenges in balancing security priorities with project timelines and developer workflows. Effective communication is essential, as engineers must clearly explain vulnerabilities and remediation steps to developers who may have varying levels of security expertise. Additionally, they need to ensure that security recommendations are practical and align with the product's architecture, all while fostering a collaborative environment rather than creating bottlenecks. Building strong relationships with development teams and understanding their processes helps streamline secure code adoption and continuous improvement.

What is the difference between Product Security Code Review Engineer vs Software Security Engineer?

AspectProduct Security Code Review EngineerSoftware Security Engineer
Primary FocusReviewing and analyzing source code for security vulnerabilities in productsDesigning and implementing security measures across software systems
Skills & CertificationsSecure coding, code review, security standards (e.g., OWASP), certifications like CSSLPSecurity architecture, threat modeling, secure coding, certifications like CISSP
Work EnvironmentCollaborates with development teams during product developmentWorks on system-wide security strategies and architecture
Industry UsageCommon in product-based companies, especially in tech and cybersecurityFound in organizations focusing on overall security infrastructure

While both roles focus on security, the Product Security Code Review Engineer primarily reviews source code for vulnerabilities in specific products, whereas the Software Security Engineer develops and implements security strategies across software systems. The roles often overlap but differ in scope and focus.

What is a Product Security Code Review Engineer?

A Product Security Code Review Engineer is a cybersecurity professional responsible for analyzing and reviewing application source code to identify and mitigate security vulnerabilities. They work closely with development teams to ensure secure coding practices, review code for compliance with security standards, and recommend fixes for potential security issues. Their goal is to prevent security breaches by catching vulnerabilities early in the software development lifecycle.
What are popular job titles related to Product Security Code Review Engineer jobs in Colorado? For Product Security Code Review Engineer jobs in Colorado, the most frequently searched job titles are:
What job categories do people searching Product Security Code Review Engineer jobs in Colorado look for? The top searched job categories for Product Security Code Review Engineer jobs in Colorado are:
What cities in Colorado are hiring for Product Security Code Review Engineer jobs? Cities in Colorado with the most Product Security Code Review Engineer job openings:
Senior Security Engineer, AWS Marketplace , AWS Marketplace

Senior Security Engineer, AWS Marketplace , AWS Marketplace

Amazon

Denver, CO • On-site

$117K - $161K/yr

Full-time

Medical, Dental, Vision, Life, Retirement, PTO

Re-posted 7 days ago


Amazon rating

7.4

Company rating: 7.4 out of 10

Based on 6,972 frontline employees who took The Breakroom Quiz

6th of 39 rated national retailers


Job description

Application deadline: Jul 15, 2026
This position is part of the AWS Specialist and Partner Organization (ASP). Specialists own the end-to-end go-to-market strategy for their respective technology domains, providing the business and technical expertise to help our customers succeed. Partner teams own the strategy, recruiting, development, and growth of our key technology and consulting partners. Together they provide our customers with the expertise and scale needed to build innovative solutions for their most complex challenges.
AWS Marketplace within ASP is a curated digital catalog where customers find, buy, deploy, and manage third-party software, data, and services to build solutions and run their businesses. Every listing represents a trust relationship between AWS, an independent software vendor, and the customer - and security is what makes that trust possible.
We're looking for a Senior Security Engineer to own security for the third-party (3P) catalog. You'll set the bar for how 3P software is vetted, monitored, and protected across its lifecycle on Marketplace, and dive deep into emerging threat vectors to protect our customers. You'll also partner closely with our Application Security and Engineering teams to ensure the features we build on AWS Marketplace meet AWS's high security bar and continue to protect our customers. This role has high visibility, broad scope, and direct impact on millions of AWS customers.
Key job responsibilities
- Own the security strategy for the AWS Marketplace 3P catalog, including ingestion, scanning, vulnerability management, and ongoing posture monitoring of seller-provided artifacts (AMIs, containers, SaaS, data products, ML models).
- Identify systemic risks across the catalog and lead remediation campaigns that span multiple teams and orgs.
- Investigate and respond to security findings, vulnerabilities, and incidents involving Marketplace services and 3P content.
- Partner with AppSec to drive threat modeling, secure design reviews, and code reviews for Marketplace services.
- Define and raise security standards for sellers and Marketplace internal teams. Influence policy, tooling, and automation so the security bar rises without slowing the business down.
- Mentor engineers across the org on secure development practices, cloud security, and threat modeling.
- Represent Marketplace security in cross-AWS forums, working with AWS Security, service teams, and partner orgs.
About the team
Diverse Experiences
AWS values diverse experiences. Even if you do not meet all of the preferred qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn't followed a traditional path, or includes alternative experiences, don't let it stop you from applying.
Why AWS?
Amazon Web Services (AWS) is the world's most comprehensive and broadly adopted cloud platform. We pioneered cloud computing and never stopped innovating - that's why customers from the most successful startups to Global 500 companies trust our robust suite of products and services to power their businesses.
Inclusive Team Culture
AWS values curiosity and connection. Our employee-led and company-sponsored affinity groups promote inclusion and empower our people to take pride in what makes us unique. Our inclusion events foster stronger, more collaborative teams. Our continual innovation is fueled by the bold ideas, fresh perspectives, and passionate voices our teams bring to everything we do.
Mentorship & Career Growth
We're continuously raising our performance bar as we strive to become Earth's Best Employer. That's why you'll find endless knowledge-sharing, mentorship and other career-advancing resources here to help you develop into a better-rounded professional.
Work/Life Balance
We value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why we strive for flexibility as part of our working culture. When we feel supported in the workplace and at home, there's nothing we can't achieve.
BASIC QUALIFICATIONS
- 4+ years of non-internship background in troubleshooting systems issues, analyzing logs, or automating complex tasks using command line tools experience
- 5+ years of work in identifying security issues and risks, and developing mitigation plans experience
- 4+ years of (non-internship) scripting, programming, and security code review in common programming languages experience
- Knowledge of at least two of the following programming languages: Scala, Java, Python, C/C++, or Go
- Experience working in identifying security issues and risks, and developing mitigation plans
PREFERRED QUALIFICATIONS
- Experience applying threat modeling or other risk identification techniques or equivalent
- Experience with security in service-oriented architectures/microservices and web services
- Experience as a mentor, tech lead or leading an engineering team
- Experience (non-internship) in industry-based security vulnerabilities identification, attack patterns, and remediation techniques
- Experience (non-internship) in troubleshooting systems issues, analyzing logs, or automating complex tasks using command line tools
- Experience (non-internship) in scripting, programming, and security code reviewing in a common programming language
Amazon is an equal opportunity employer and does not discriminate on the basis of protected veteran status, disability, or other legally protected status.
Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit https://amazon.jobs/content/en/how-we-hire/accommodations for more information. If the country/region you're applying in isn't listed, please contact your Recruiting Partner.
The base salary range for this position is listed below. Your Amazon package will include sign-on payments and restricted stock units (RSUs). Final compensation will be determined based on factors including experience, qualifications, and location. Amazon also offers comprehensive benefits including health insurance (medical, dental, vision, prescription, Basic Life & AD&D insurance and option for Supplemental life plans, EAP, Mental Health Support, Medical Advice Line, Flexible Spending Accounts, Adoption and Surrogacy Reimbursement coverage), 401(k) matching, paid time off, and parental leave. Learn more about our benefits at https://amazon.jobs/en/benefits.
USA, CO, Denver - 178,400.00 - 226,700.00 USD annually
USA, WA, Seattle - 178,400.00 - 226,700.00 USD annually

What Amazon employees say

Pay

Benefits

Hours and flexibility

Workplace

Get the full story on Breakroom


Amazon logo

About Amazon

Sourced by ZipRecruiter

Amazon.com, Inc., commonly known as Amazon, is an American multinational technology company. It was founded by Jeff Bezos in 1994 and initially started as an online marketplace for books. Since then, Amazon has expanded its operations and become one of the largest e-commerce companies in the world. Amazon's primary business is its online retail platform, where customers can purchase a vast array of products, including electronics, clothing, books, home goods, and much more. The company offers a convenient and user-friendly shopping experience, with features such as fast shipping, customer reviews, and personalized recommendations. In addition to its e-commerce platform, Amazon has diversified its business into various other areas. One of its notable ventures is Amazon Web Services (AWS), a comprehensive cloud computing platform that provides services such as storage, compute power, and database management to individuals and businesses. AWS has become a leader in the cloud computing industry, powering many websites and applications worldwide. Amazon has also developed its own consumer electronics, including the popular Amazon Kindle e-reader, Fire tablets, Fire TV streaming devices, and the Alexa-powered Echo smart speakers. The Alexa voice assistant, integrated into these devices, allows users to interact with their devices using voice commands, perform tasks, and access information. Furthermore, Amazon has expanded into media and entertainment. It operates Prime Video, a streaming service that offers a wide range of movies, TV shows, and original content. Amazon Music provides a platform for streaming and purchasing digital music, while Audible offers audiobooks and other audio content. The company's commitment to customer satisfaction and convenience is demonstrated by its membership program, Amazon Prime. Prime members receive various benefits, including free two-day shipping, access to streaming services, exclusive deals, and more.

Industry

It services, book publishers, retail, real estate and computer and electronic product manufacturing

Company size

10,000+ Employees

Headquarters location

Seattle, WA, US