Valon Tech is hiring

Roles

Staff Product Security Engineer - Customer Platform

Compensation

USD 190000 - 260000

Base compensation band: $190K - $260K (base salary determined by experience/qualifications/skills). Competitive salary with meaningful equity stake; 401(k) plan. Benefits include comprehensive medical/dental/vision, commuter benefits (pre-tax deductions), learning & development, quarterly team/company outings budget, flexible paid time off/sick days/11 holidays, and 12 weeks fully paid baby bonding time for both birthing and non-birthing parents.

Salary period: yearly
Location basis: New York City located staff (may differ according to location)
Equity: Meaningful stake in the company via equity

Benefits

Equity (meaningful stake in the company)
401(k) plan
Comprehensive medical, dental, and vision benefits
Pre-tax commuter benefits for public transportation, rideshare services, and parking
Learning & development opportunities including regular review cycles with 360 degree feedback
Quarterly budgets for team and company outings (team swag, cooking classes, team dinners)
Flexible paid time off, sick days, and 11 company holidays
12 weeks fully paid baby bonding time for both birthing and non-birthing parents

Tech stack

ISO 27001 CIS encryption OIDC SSO CCSP CCPA CISSP SAML NYDFS OpenID Connect Python NIST GCP CCSK Logging FTC RBAC SOC 2 KMS SCIM Audit Logs Cloud security MFA OWASP CISM OAuth CMEK Monitoring

Required

GCPGoogle Cloud PlatformSOC 2CCPANYDFSFTCOWASPNISTCISISO 27001PythonRBACSSOSAMLOpenID ConnectOIDCSCIMMFAAudit LogsKMSCMEKEncryptionLoggingMonitoringAPIs

Location

Anywhere in the World

Work setup

Employment: full-time
Level: Senior
Remote policy: Remote; Valon offices located in New York City and San Francisco but remote work fully supported.
Remote scope: worldwide

Role details

Responsibilities

Define and evolve product security architecture and strategy for Valon’s multi-tenant SaaS platform
Architect and guide secure implementation of customer-facing security capabilities with Engineering (authentication/authorization models, identity integration, access controls, audit and logging, encryption/key management)
Build and maintain security reference architectures and standardized secure design patterns for product teams
Lead threat modeling, security design, and code reviews for new features, services, and major architectural changes
Collaborate with Product, Engineering, Data, Compliance, Legal, and other teams to identify and drive mitigation for product and data security risks
Support vulnerability triage, remediation strategy, and root cause analysis for product security issues
Support security compliance and regulatory needs (SOC 2, CCPA, NYDFS, FTC), including customer-facing security discussions and due diligence
Develop, implement, and enforce security policies, standards, and procedures
Support operational activities including security advisory and consultative reviews, incident response, issue remediation, and other security processes

Requirements

Extensive experience in product security, application security, or security architecture roles; ownership of security design for SaaS platforms including multi-tenancy and customer-facing security capabilities
Strong background in cloud security and modern infrastructure, with hands-on experience securing cloud environments (GCP preferred)
Proven experience in SaaS IAM and tenant security (authentication/authorization, RBAC, SSO/SAML/OIDC, SCIM, MFA, audit logs)
Expertise in designing secure platform controls (APIs, service-to-service auth, encryption/KMS/CMEK, logging/monitoring)
Demonstrated ability to build and maintain security reference architectures
Expert-level experience leading threat modeling and security design reviews including security-focused code reviews
Applied knowledge with industry security and compliance frameworks (OWASP, NIST, CIS, SOC 2/ISO 27001 concepts)
Highly hands-on engineer with ability to operate autonomously, drive multiple complex cross-functional efforts, and influence independently
Excellent communication and collaboration skills to explain complex security concepts to technical and non-technical stakeholders
Prior software engineering experience and/or coding ability (Python) is preferred
Experience working in high-growth or startup environments is a plus
8+ years in progressive senior security engineering or architect level roles, with 3+ years leading security design for enterprise-grade cloud and SaaS platforms
Bachelor's degree in Information Security, Computer Science, Technology or related field
Relevant security certifications (CISSP, CISM, CCSK, CCSP or similar)
Proven ability to design security reference architectures and implement customer platform security controls and technologies (IAM, API security, encryption/key management, logging/monitoring and others)
Hands-on experience with modern security technologies and tooling across cloud and application security

Application

To apply: https://weworkremotely.com/remote-jobs/valon-tech-staff-product-security-engineer-customer-platform

Portfolio: not required
GitHub: not required
Cover letter: not required
Apply flow: ats
Canonical URL: https://weworkremotely.com/remote-jobs/valon-tech-staff-product-security-engineer-customer-platform

Company context

Ensure sound security programs, processes, and automation to safeguard customers’ data for regulated finance/mortgage servicing via ValonOS.

Product: AI-native operating system for regulated finance (mortgage servicing) and ValonOS unified platform (mortgage servicing and structured/programmed processes)
Industry: Regulated finance
HQ: Remote (Valon offices located in New York City and San Francisco)
Stage: Series C
Funding: Backed by a16z

Contact

talent@valon.com

Description

Valon is building the AI-native operating system for regulated finance, starting with mortgage servicing. ValonOS is their unified platform for structured and programmable processes across a multi-tenant SaaS platform. The Staff Product Security Engineer - Customer Platform role focuses on product security architecture and technical control implementation for ValonOS, including security by design into the SaaS platform and customer-facing security features. Responsibilities span defining/evolving product security architecture and strategy, designing secure customer-facing security capabilities (authentication/authorization models, identity integration, access controls, audit/logging, encryption/key management), leading threat modeling and security/code reviews, collaborating across teams to mitigate product/data security risks, supporting vulnerability triage/remediation/root cause analysis, supporting security compliance and regulatory needs (SOC 2, CCPA, NYDFS, FTC), developing/enforcing security policies/standards/procedures, and supporting security operations including advisory/consultative reviews and incident response/issue remediation. Ideal background includes extensive product/application security or security architecture experience with ownership for SaaS multi-tenancy and customer-facing security capabilities, cloud security experience (GCP preferred), SaaS IAM and tenant security (authentication/authorization, RBAC, SSO/SAML/OIDC, SCIM, MFA, audit logs), expertise in secure platform controls (APIs, service-to-service auth, encryption/KMS/CMEK, logging/monitoring), ability to build/maintain security reference architectures, leading threat modeling and security design reviews with security-focused code reviews, and applied knowledge of OWASP, NIST, CIS, SOC 2/ISO 27001 concepts. Prior software engineering/coding ability in Python is preferred. Experience in high-growth/startup environments is a plus. Minimum qualifications include 8+ years progressive senior security engineering/architect-level roles, 3+ years leading security design for enterprise-grade cloud/SaaS platforms, relevant bachelor’s degree, and relevant security certifications (CISSP/CISM/CCSK/CCSP or similar). The company notes a base compensation band of $190K-$260K plus equity and benefits.

Similar jobs

Loading similar jobs...