Lead Product Security Engineer

At SolarWinds, we’re a people-first company. Our purpose is to enrich the lives of the people we serve—including our employees, customers, shareholders, partners, and communities. Join us in our mission to help customers accelerate business transformation with simple, powerful, and secure solutions. The ideal candidate thrives in an innovative, fast-paced environment and is collaborative, accountable, ready, and empathetic. We’re looking for individuals who believe they can accomplish more as a team and create lasting growth for themselves and others. We hire based on attitude, competency, and commitment. Solarians are ready to advance our world-class solutions in a fast-paced environment and accept the challenge to lead with purpose. If you’re looking to build your career with an exceptional team, you’ve come to the right place. Join SolarWinds and grow with us! Role Overview As the Lead Product Security Engineer, you will be the primary architect of trust for our software ecosystem. You aren’t just auditing code; you are building the frameworks, tools, and culture that allow our engineering teams to ship secure products at high velocity. You will sit at the intersection of Security, Engineering, and Product, ensuring that protection is baked into the SDLC from day one. Core Responsibilities Team Leadership and Mentoring: Training of processes and skillsets across the team keeping the team sharp with emerging threats and tooling. Leader and Leading meetings. Security Automation: Build and integrate automated security testing (SAST, DAST, SCA) directly into our CI/CD pipelines to minimize friction.-May fall under the security architect position Vulnerability Management: Assist with Bug Bounty program and penetration testing efforts, prioritizing fixes based on actual risk rather than just "severity scores." Incident Response: Act as a technical lead during product-related security incidents, performing root cause analysis to ensure "one-time" fixes become "all-time" preventions. Security Advocacy: Mentor junior engineers and lead "Security Champion" programs to decentralize security knowledge across the organization. Technical Requirements Experience: 7+ years in security engineering, with at least 2 years in a leadership or "staff-level" capacity. Coding Proficiency: Ability to read and understand codebases in languages like Go, Python, Java, or C++/C Sharp. You should be an engineer first. Cloud Native: Deep expertise in securing AWS/GCP/Azure, Kubernetes, and containerized environments is a plus. Offensive Knowledge: A solid understanding of the OWASP Top 10 and the ability to manually exploit vulnerabilities to demonstrate risk. Tooling: Experience with modern security stacks (e.g., Snyk, GitHub Advanced Security, Wiz, or Burp Suite). This would include SBOM and other CI/CD tooling Securing AI and AI Security experience: Using AI tools to review code or risks that come with AI use. Familiarity with SolarWinds Products: This is not a required but is a plus. Incident Response Experience: Reviewing logs and security investigation experience. Gathering evidence and populating reports around the incidents. Soft Skills "The Vibe" Establishing Relationships: It is a requirement to reach out to all teams, technical or not. This may include customer calls to ensure a proper response to security concerns. The "No" to "How": You shift the security conversation from "No, you can't do that" to "Here is how we do that safely." Pragmatism: You understand that a perfect security posture is impossible and can make calculated trade-offs based on business needs. Communication: You can explain a complex heap overflow to a developer and the business impact of a supply chain attack to a VP. This is a strong requirement and is a regular occurrence SolarWinds is an Equal Employment Opportunity Employer. SolarWinds will consider all qualified applicants for employment without regard to race, color, religion, sex, age, nati ... (truncated, view full listing at source)