Senior Product Security Engineer

About Introhive

Introhive is an AI-powered Relationship Intelligence platform that helps firms break down data silos and unlock actionable relationship insights that drive collaboration and growth.

Since launching in 2012, we’ve grown significantly, but our mission remains the same: to transform how companies manage, nurture, and leverage relationships to unlock value, accelerate growth, and delight customers.

Introhive is one of the fastest-growing B2B relationship intelligence platforms. We’re recognized as a category leader in sales intelligence and data quality management software by G2, named a Top 10 Fastest Growing Technology Company in Deloitte’s Fast 50 Awards three years running, and awarded the 2020 MarTech Breakthrough Award for Best CRM Innovation.

Trusted by industry-leading brands including KPMG, Freshfields, CBRE, and Deloitte, Introhive supports more than 250,000 users across 90+ countries.

Job Summary 

As a Senior Product Security Engineer, you drive our product security program across application security, cloud security, and security architecture. Your software development skills enable you to partner with Engineering to build secure-by-default systems and developer workflows, reducing security risk through pragmatic standards, automation, and guardrails.

You work closely with many development teams to continuously raise the bar on security. You act as a force multiplier by fostering a culture of security, enabling team members to take ownership of the security of the product they produce. You scale your impact through effective guardrails, tooling, and enablement.

You champion a shift-left approach by ensuring security is a first-class consideration in design and delivery. You lead threat modeling and architecture reviews, promote secure-by-default practices, and help ensure the development pipeline has robust automated scanning to prevent vulnerabilities from reaching production.

This role offers significant ownership and influence. You help shape the product security roadmap for a growing SaaS company and drive program improvements that scale with the business.

You provide technical leadership as an individual contributor by mentoring engineers, leading security initiatives end-to-end, creating clear standards and designs, and exercising strong judgment in selecting practical solutions. You operate independently in familiar areas and seek guidance when entering new domains. 

Job Responsibilities  

Architecture reviews & threat modeling: Lead secure architecture reviews and threat modeling for new features, major changes, and sensitive workflows/integrations, translating outcomes into concrete mitigations teams can ship.

Secure-by-default patterns: Build and evolve secure “paved road” components—standards, defaults, and reusable frameworks—so the secure path is the easiest path.

DevSecOps automation: Integrate and tune automated controls in CI/CD to prevent vulnerabilities from reaching production.

Developer experience & enablement: Improve developer experience by making security tooling and guardrails easy to use, and serve as a trusted security partner by providing practical guidance so teams can ship secure features faster and reduce repeat issues.

Security reviews: Perform targeted code reviews and assessments on high-risk areas to proactively identify security issues.

Vulnerability management process: Continuously improve the processes for intake, prioritization, resolution, and recurrence prevention of vulnerabilities. Coordinate external penetration tests and vulnerability disclosure submissions.

Cloud and infrastructure security: Partner with DevOps/platform teams to harden infrastructure and embed practical guardrails that reduce risk across cloud environments, IAM, Kubernetes, and deployment pipelines.

Supply chain security: Improve dependency and third-party risk management through scalable workflows that reduce exposure and speed response.

Data-driven prioritization: Define lightweight, outcome-based metrics to focus effort on the highest-impact risk reductions.

AI acceleration: Implement AI-assisted security workflows to improve early detection, reduce noise, and accelerate remediation, with human verification.

Security operations: Support triage of infrequent security events impacting the product, and drive post-incident learnings into preventative controls.

Qualifications 

Strong application security fundamentals: Deep familiarity with common web and API vulnerability classes (e.g. OWASP Top Ten), secure coding practices, and how to prevent recurrence through patterns and tooling.

Product-minded security engineering: You prioritize work based on risk and customer impact, and you can explain trade-offs clearly. You understand how to think as a customer, and as an attacker.

Security architecture fluency: Experience with threat modeling, secure design review, and the ability to reason about complex systems, integrations, and trust boundaries.

Cloud and container security experience: Experience securing cloud workloads, identity and IAM patterns, and container/Kubernetes-adjacent security controls suitable for production.

Engineering collaboration: You influence without authority, build trust with developers, and create enablement that teams actually adopt.

Automation mindset: You can build or extend security tooling and CI/CD integrations; you prefer scalable controls over manual heroics or noisy alarms.

Communication: Strong written and verbal skills, with the ability to write clear standards, actionable findings, and concise architecture feedback.

Curiosity and creativity: You enjoy investigating potential vulnerabilities and diving into a large codebase to identify an insecure codepath.

Initiative: You are a self-starter, and are always thinking about emerging threats and new approaches to secure the product.

Education & Experience

5+ years of experience in product security, application security, security engineering, or equivalent experience as a software engineer or architect with substantial security ownership.

Hands-on software development experience and the ability to read and write production code in one or more languages (e.g., Python, C#, Ruby, JavaScript/TypeScript).

Security certifications (e.g., OSCP, OSWE, cloud security certifications) are helpful but not required—demonstrated impact matters most.

Why Introhive?

At Introhive, we believe people do their best work when they feel trusted, empowered, and supported. That’s why we value outcomes over hours, curiosity over perfection, and collaboration over ego. You'll have room to grow, tools to succeed, and a team that’s got your back.