ID.me · 9 hours ago
Senior Product Security Engineer
Mountain View, CA
Full-time
Onsite
Senior Level, Lead/Staff
$186K/yr - $220K/yr
8+ years expID.me is a next-generation digital identity wallet that simplifies online identity verification. They are seeking a Senior Product Security Engineer to lead the design and implementation of secure cloud security architectures and deliver automation frameworks to enhance security operations.
Cloud Data ServicesCyber SecurityFraud DetectionIdentity ManagementPrivacySoftware
Hiring Manager
John Sweeney
Responsibilities
Lead the design and implementation of secure, scalable cloud security architectures across GCP, Kubernetes, and containerized workloads
Deliver security automation frameworks (Python or Java) that reduce operational risk and increase organizational security maturity
Build production-ready security automation using Python or Java to scale security operations and reduce manual toil
Execute security projects from requirements through deployment with minimal guidance, delivering high-quality results on time
Troubleshoot complex security issues in production environments, conducting deep technical analysis and implementing fixes quickly
Implement GKE security controls
Build and maintain cloud security infrastructure using Terraform
Configure GCP security services such as VPC Service Controls, Private Service Connect, Cloud Armor policies, IAM roles, and Secret Manager
Execute API security assessments by conducting security reviews, identifying vulnerabilities, and implementing remediation
Execute vulnerability remediation workflows for application, container, Cloud, and SaaS vulnerabilities within defined SLAs
Build security dashboards and reporting to track vulnerability MTTR, security control effectiveness, and false positive rates
Conduct deep technical security assessments—API, application, GKE, and infrastructure layers—and implement durable, production-ready solutions
Serve as a technical escalation point for cloud, IAM, GKE, and Terraform-related security issues; provide expert troubleshooting for high-severity incidents
Implement advanced GCP security controls including VPC Service Controls, Private Service Connect, sensitive service perimeter enforcement, and automated IAM governance
Partner with Infrastructure, Platform, AppSec, and Compliance teams to ensure a unified, secure-by-default cloud architecture
Qualification
Required
8+ years of experience in security engineering, cloud engineering, or software engineering with a focus on implementation and architecture
7+ years of hands-on programming experience in Python or Java
6+ years of GCP experience including GKE, Cloud Run, IAM, Secret Manager, VPC SC, and related services
Strong expertise with Kubernetes security, container security, and image/build pipeline hardening
Proficiency with Infrastructure-as-Code (Terraform preferred)
Demonstrated ability to architect and troubleshoot complex issues in production cloud environments
Preferred
GCP Professional Cloud Security Engineer or Professional Cloud Architect certification
Deep experience designing and securing multi-tenant GKE environments, including workload isolation, network segmentation, and hardened runtime configurations
Expertise in OAuth, OIDC, and API security engineering, with emphasis on abuse resistance, token lifecycle management, and cross-service trust boundaries
Proven ability to lead security initiatives across engineering teams and influence large-scale architectural decisions
OSCP or comparable hands-on offensive-security certifications (e.g., OSEP, GXPN, PNPT) demonstrating strong adversarial reasoning and exploit-focused problem-solving capability
Practical familiarity with offensive-security methodologies—attack-chain decomposition, exploitation fundamentals, and red-team tradecraft—and their application to cloud-native threat modeling and control design
Experience or interest in applied security research, such as vulnerability discovery, protocol or infrastructure analysis, and evaluation of emerging attack surfaces (e.g., AI/ML pipelines, agentic systems, supply-chain security)
Benefits
Comprehensive medical
Dental
Vision
Health savings account
Flexible spending accounts (medical, limited purpose, dependent care, commuter benefit accounts)
Basic and voluntary life and AD&D insurance
401(k) with company match
Parental leave
Ability to participate in unlimited paid time off subject to the terms and conditions of the PTO policy, including 8 company wide holidays
Short and long-term disability insurance
Accident and critical illness insurance
Referral bonus policy
Employee assistance program
Pet insurance
Travel assistant program
Wellbeing and childcare discounts
Benefit advocates
Learning and development benefit
Company
ID.me
ID.me is a digital identity wallet that allows users to securely prove their identity online.
1001-5000 employees
H1B Sponsorship
ID.me has a track record of offering H1B sponsorships. Please note that this does not
guarantee sponsorship for this specific role. Below presents additional info for your
reference. (Data Powered by US Department of Labor)
Distribution of Different Job Fields Receiving Sponsorship
Represents job field similar to this job
Trends of Total Sponsorships
2025 (12)
2024 (2)
Funding
Current Stage
Late StageTotal Funding
$814.25MKey Investors
Ribbit CapitalAres ManagementViking Global Investors
2025-09-03Series E· $65M
2025-01-30Debt Financing· $275M
2024-11-25Secondary Market· $67M
Leadership Team
Blake Hall
Co-Founder and CEO
Samantha Greenberg
Chief Financial Officer
Recent News
BiometricUpdate.com
2025-12-18
2025-11-12
Company data provided by crunchbase