Senior Product Security Engineer at Attentive

  • Product
  • Fulltime
  • Anywhere (100% Remote) Only
Job Description

About Attentive:
Attentive® is the leader in conversational commerce, reinventing business to consumer communication. Our SMS-first software platform helps everyone from entrepreneurs to enterprises strengthen relationships with their consumers in a new way. Through two-way, real-time, personalized communications, we drive billions in e-commerce revenue and over 8,000 leading brands like CB2, Chanel, Urban Outfitters, Crocs, Jack in the Box, and Coach rely on Attentive to deliver powerful commerce experiences.

Attentive’s growth has been recognized by Deloitte’s Fast 500, Linkedin’s Top Startups and Forbes Cloud 100 all thanks to the hard work from our global employees!

Who We Are
We are looking for an experienced security leader who brings both technical acumen and a developer mindset to their work. You will be a key member of the Security Engineering team, which carries the responsibility for the security of Attentive’s platform (we work in AWS) and customer-facing products (we build microservices in Java and React/Typescript). Practically, this spans a broad gamut of building and/or operating tools in partnership with other Security and Engineering teams to secure our code and underlying systems from development to delivery, to detect and respond to abnormal behaviors, and to provide security testing and guidance to colleagues as they architect new systems and features. As part of this team, in this role you will lead our product and application security program, serving as the key player in our organization for guidance and action on making our product more secure for our clients. You’ll find yourself working a group of other talented security professionals of various backgrounds with a shared goal to shape the future of Attentive’s security program and provide positive impact for the company and its customers.

Our scale:

  • 8,000 brands powered by Attentive sent over 1.6 billion text messages over Cyber Week 2022 (Black Friday/Cyber Monday) representing a growth of 41% from 2021
  • We sent 24 billion SMS messages in 2022. That’s an average of 50 million per day
  • Our production cluster contains over 9,000 containers which serve 170+ services
  • Our streaming services process over 28 billion events per month

Why Attentive needs you

  • You have a creative and solution-oriented attitude, and the patience to fully understand developer teams’ processes and goals.
  • A strong belief in automation, so that new tooling or processes are lightweight experiences for developers.
  • An ability to deal with ambiguity and prioritize, both in the context of a growing company and engineering organization, as well as a problem set that inherently invites scope creep.
  • A leader, who is both open-minded and curious to learn about new technologies when approaching a given problem set
  • Are sought out for strategic and technical security guidance; you anticipate product and application security issues and make design decisions to avoid them.
  • Multiply the effectiveness of others by facilitating cross-team work.
  • Are consistently able to reduce the complexity of projects in order to get more done with better approaches and phasing of deliverables.
  • Listen and guide debates to help reach a consensus; once a decision is made, clearly communicate and back that decision.
  • Laser-focused on making a positive impact on the entire company's information security maturity by identifying our highest risks and mitigating them to an acceptable level.

About you

  • Significant experience (5-7 years) working in product/application, with deep knowledge of web application technologies, identifying and remediating common vulnerabilities in code, the modern threat landscape for attack vectors, and commensurate cloud security fundamentals.
  • Demonstrated impact in prior roles as a senior individual contributor or team leader to independently deliver impact for a security program through your own contributions and by influencing change through others.
  • Proven knowledge and experience in automating processes, such as static code analysis, to make a positive impact in how code is shipped, not just a checkbox activity.
  • Bonus if you are well-versed in Java vulnerabilities or Gradle dependency management, and/or have experience in Kubernetes/container security.

You’ll get competitive perks and benefits from health & wellness to equity, to help you bring your best self to work.

For US based applicants:

  • The standard base salary range for this position is $168,800 - $253,000 annually
  • This position is eligible for equity in the form of RSUs


Attentive Company Values
Default to Action - Speed is our best offense and defense
Never Settle - Continuously raise the bar for yourself and your teammates
Hard Work Solves Big Problems - Success requires grit and resilience
Be Attentive - Work together as a team to drive greatness for our company and our customers

Learn more about AWAKE, Attentive’s collective of employee resource groups.

If you do not meet all the requirements listed here, we still encourage you to apply! No job description is perfect, and we may also have another opportunity that closely matches your skills and experience.

At Attentive, we know that our Company's strength lies in the diversity of our employees. Attentive is an Equal Opportunity Employer and we welcome applicants from all backgrounds. Our policy is to provide equal employment opportunities for all employees, applicants and covered individuals regardless of protected characteristics. We prioritize and maintain a fair, inclusive and equitable workplace free from discrimination, harassment, and retaliation. 

Get Updated Remote Jobs directly in your Inbox

Powered by Denovers with