We are looking for an experienced Product Security Specialist to join our global security organization. In this role, you will lead penetration testing efforts, secure AI/ML-driven applications, strengthen CIAM implementations, and collaborate across engineering teams to enhance the overall security posture of our products.

This is a hands-on, high-impact position that blends technical assessments, cross-functional engineering partnership, and strategic security program contributions. You will play a key role in driving secure design, supporting audits, and implementing scalable security processes across our product ecosystem.

Key Responsibilities :

- Conduct and lead penetration testing across web applications, APIs, mobile apps, and cloud platforms.

- Evaluate and secure AI/ML models, including model integrity, data protection, and adversarial robustness.

- Strengthen and validate CIAM implementations, including OAuth2, OIDC, SSO flows, and identity platforms such as Okta/Auth0.

- Support and manage Dynamic Application Security (DAS) initiatives, including continuous scanning and vulnerability management.

- Contribute to ISO27001 audits, security assessments, compliance activities, and documentation.

- Develop and oversee security automation to streamline testing, detection, and response capabilities.

- Partner with engineering, architecture, DevOps, cloud, and product teams to drive secure development practices.

- Provide security guidance during design reviews, threat modeling sessions, and architecture discussions.

- Identify emerging threats, evaluate new security tools, and enhance internal security testing capabilities.

- Deliver clear reports, risk summaries, and actionable remediation recommendations to technical and leadership teams.

Required Qualifications & Experience :

- 10+ years of experience in product security, application security, or offensive security roles.

Strong hands-on experience securing :

- Mobile applications (iOS/Android)

- Cloud environments (AWS, Azure, GCP)

- Identity & CIAM platforms such as Okta, Auth0, or similar.

- Familiarity with AI/ML security, including model hardening, adversarial testing, and data protection.

- Deep understanding of web and API security, OWASP frameworks, threat modeling, and secure SDLC.

- Experience with ISO27001 audits, compliance processes, or governance frameworks.

- Proficiency with offensive security and pentest tools (e.g., Burp Suite, MobSF, Nmap, Metasploit, ZAP, proxy tools, cloud security tools).

- Strong communication skills, with the ability to work across multiple engineering and product teams