Airtable

Product Security Engineer

Airtable$187K — $260K *
Information Technology
Less than 5 years of experience
Job Overview by Ladders

Qualifications

  • 4+ years in product or application security, with production code experience.
  • Strong background in computer science or related field with clean coding proficiency.
  • Familiarity with JavaScript or TypeScript, Node.js, and modern web frameworks.
  • Hands-on experience securing LLM integrations and identifying related risks.
  • Proficient in writing and reviewing code with a focus on security as an engineering problem.
  • Excellent communication skills for conveying complex security risks to non-security stakeholders.
  • Ability to thrive in a fast-paced, ambiguous work environment, with a focus on continuous learning.

Responsibilities

  • Develop self-service security frameworks for secure code shipping.
  • Implement automated guardrails to address common vulnerabilities and perform in-depth design reviews.
  • Collaborate with product engineering on early design reviews and security guidance.
  • Research emerging threats, particularly in AI and LLM security, and implement necessary controls.
  • Manage external penetration testing and bug bounty processes to address vulnerabilities.
  • Contribute to long-term roadmaps and strategies for the security team.
  • (Senior/Staff role) Lead threat modeling sessions and mentor other engineers on secure coding practices.

Benefits

  • Comprehensive total compensation package including benefits and stock options.
  • Incentive compensation opportunities based on performance.
  • Remote work flexibility, allowing for a diverse workforce.
Full Job Description
Join Airtable as a Product Security Engineer and play a pivotal role in shaping the security of our rapidly evolving platform as we expand our AI and LLM-powered offerings. You will join the team responsible for safeguarding the application layer of Airtable's platform.

You will partner closely with product engineering teams to build paved roads, frameworks, and automated controls that make the secure path the easy path for our engineering teams. You will help influence application security at scale, ensuring our products are secure by design.
What you'll do
  • Develop self-service security frameworks and "paved roads" that allow engineering teams to ship secure code by default.
  • Focus on automated guardrails for common vulnerabilities, while prioritizing deep-dive design reviews into complex business logic and data isolation issues (for example, multi-tenant isolation and authorization/permission bypasses) that automated tools cannot catch.
  • Partner with product and engineering teams to review designs early, contribute to threat modeling for new features and complex initiatives, and provide clear, actionable security guidance.
  • Research emerging threats and evolving best practices, specifically regarding AI and LLM safety, and implement controls to secure these workflows.
  • Manage and evolve our approach to external penetration testing and bug bounties, driving remediation for findings and treating vulnerability management as an engineering problem.
  • Contribute to the long-term roadmaps, metrics, and strategic planning for the security team.
  • (Senior/Staff L5+) Lead complex threat modeling sessions for major product launches and define secure coding standards, and actively mentor other engineers to raise the technical security bar across the organization.
Who you are
  • 4+ years of experience in product security or application security, with experience shipping production code. Please note this is not an early career position.
  • You have a strong background in computer science or a related field, with proficiency in writing clean, maintainable code.
  • You have deep familiarity with JavaScript or TypeScript, Node.js, and modern web application frameworks, and can reason about the security implications of systems built on them.
  • You have hands-on experience securing LLM integrations and identifying prompt injection or data leakage risks.
  • You are proficient in writing and reviewing code and treat security as an engineering problem to be solved with software, not just policies.
  • You excel at communicating complex security risks to non-security stakeholders and enjoy collaborating cross-functionally to find solutions that balance security with engineering velocity.
  • You are comfortable working in a fast-paced environment, navigating ambiguity, continuously learning about emerging threats and technologies, and contributing to long-term security strategy.

#LI-remote

Compensation awarded to successful candidates will vary based on their work location, relevant skills, and experience.

Our total compensation package also includes the opportunity to receive benefits, restricted stock units, and may include incentive compensation. To learn more about our comprehensive benefit offerings, please check out Life at Airtable.

For work locations in the San Francisco Bay Area, Seattle, New York City, and Los Angeles, the base salary range for this role is:

$187,000-$260,000 USD

About Airtable

Airtable is a software company that provides a cloud-based platform for creating and managing databases. The company was founded in 2012 and is headquartered in San Francisco, California. Airtable's platform is designed to be user-friendly and flexible, allowing users to create custom databases for a variety of purposes. The company has a strong focus on collaboration and provides tools for teams to work together on projects. Airtable has a diverse customer base, including small businesses, non-profits, and Fortune 500 companies. The company has raised over $170 million in funding and is rapidly growing.
Learn more about Airtable
Size
500 employees
Industry
Founded
2012

Similar Jobs

More Jobs at Airtable

More Information Technology Jobs

Find similar Product Security Engineer jobs: