Senior Product Security Engineer

Details

Collibra is seeking a Senior Product Security Engineer to join our Product Security team. You will identify vulnerabilities and provide remediation consulting to global product development teams, provide technical leadership and oversight, and act as an application security evangelist. You will partner with engineers to accelerate secure time-to-value while leveraging AI and MCP to create context-aware security automation.

Responsibilities

• Own application security for products and/or features supported by assigned development teams.
• Perform security testing and triage findings identified by SAST, SCA, IAST, DAST, and penetration tests.
• Leverage AI and MCP to create intelligent, context-aware security guidance and automation.
• Provide remediation consulting services to assigned development teams.
• Assist with vulnerability management reporting and tracking.
• Coordinate third-party penetration testing engagements, analyze reports, and open tickets for remediation.
• Contribute to the configuration and management of security tools.

Requirements

• 5+ years of application/product security experience.
• 2+ years of experience securing Java, Python, and/or JavaScript web applications.
• Knowledge of enterprise-level software architecture components and cloud infrastructure.
• Experience building trusted advisor relationships with engineers, product owners, and engineering management (up to director level).
• Experience with AI security tooling and context-aware automation for the SSDLC.
• Understanding of AI privacy and governance in developer workflows.
• Experience using and building agentic AI systems that work collaboratively.
• Experience advocating for remediation of application security risk while working with development/engineering teams.
• Experience identifying vulnerabilities in source code, providing detailed reproduction steps, and recommending remediations.
• Working knowledge of Python, Java, and/or JavaScript.
• Experience with Linux and containerization in a cloud environment.
• Knowledge of CI/CD concepts and integrated SAST, SCA, and DAST tooling.
• Familiarity with OWASP Top 10 and ability to explain concepts to engineers and people leaders.
• Familiarity with AI standards and regulations (EU AI Act, SAIF, ISO 42001).
• A bachelor’s degree or equivalent related working experience is required.
• Eligibility requirements: This position is not eligible for visa sponsorship. Because this role supports the US government, candidates must be US citizens who reside on US soil.

Measures of success

• Within the first month: absorb Collibra processes/tools and SDLC fundamentals.
• Within three months: own application security engineering tasks for one or more development teams.
• Within six months: manage triaging efforts for 3rd-party pen testing and independently resolve customer product security inquiries.

Compensation for this role

• Standard base salary range: $168,000 - $210,000 per year.
• This position is not eligible for additional commission-based compensation.
• Salary offers are based on experience, skills, and location.
• In addition to base salary, Collibra offers bonus potential, equity for eligible roles, a Flex Fund monthly stipend, pension/401(k) plans, and other benefits.

Benefits at Collibra

Collibra offers a flexible benefits program including competitive compensation, health coverage, time off, and other offerings. Learn more about Collibra’s benefits and diversity, equity, and inclusion initiatives via the links provided in the original posting.