Life360 · 3 hours ago
Staff Product Security Engineer
United States
Full-time
Remote
Senior Level, Lead/Staff
$186K/yr - $272K/yr
5+ years expLife360 is a company focused on keeping families connected and safe through their mobile app and tracking devices. They are looking for a Staff Product Security Engineer to architect and implement a DevSecOps program that integrates security into the software development lifecycle, ensuring the protection of user data and enhancing security practices across the organization.
AndroidAppsFamilyMobileMobile Apps
Responsibilities
Deploy and operationalize Cycode ASPM platform (or equivalent) as the central nervous system for application security—unifying SAST, SCA, secret scanning, container security, and IaC scanning into actionable intelligence
Build IDE-to-cloud security pipelines that catch vulnerabilities at code-write time, eliminating 90% of findings before merge
Create security-as-code frameworks that make the secure path the default path
Automate vulnerability triage, deduplication, and routing to eliminate manual security toil
Design and deploy pre-approved security patterns, libraries, and templates that enable developers to build securely without security expertise
Establish threat modeling as a lightweight, scalable practice integrated into product planning
Conduct security architecture reviews for high-risk features across mobile (iOS/Android), backend (Java, Python, PHP), and emerging hardware products
Build security tooling that developers actually want to use—think Spotify's Backstage for security
Establish SLA-driven vulnerability management workflows with clear severity definitions, ownership models, and escalation paths
Create friction-free remediation guidance—not 'fix this,' but 'here's the exact code change needed'
Build metrics dashboards that translate security posture into business language executives understand
Partner with engineering leadership to embed security accountability into team objectives
Act as embedded security advisor to product and platform engineering teams
Translate complex security requirements into pragmatic, implementable solutions
Influence technical decisions at the architecture level—security considered in design, not bolted on after
Qualification
Required
5+ years of hands-on experience in product security, application security, or DevSecOps roles
Strong experience deploying and operationalizing Application Security Posture Management (ASPM) platforms, with particular emphasis on vulnerability management and findings handling
Deep understanding of security tooling including SAST, DAST, secret scanning, SCA (Software Composition Analysis), and container scanning tools
Proficiency in Python and the ability to learn new programming languages and technologies as needed (experience with Java, C, or PHP is a plus)
Extensive experience with threat modeling and security architecture reviews, with the ability to identify design flaws and provide actionable remediation guidance
Strong knowledge of secure software development practices, including OWASP Top 10, secure coding principles, and secure-by-design methodologies
Experience building security tooling and automation to scale security practices across development teams
Familiarity with compliance frameworks including OWASP SAMM 2.0, NIST SSDF (Secure Software Development Framework), SOC 2, and GDPR, with working knowledge of privacy considerations
Experience working with diverse technology stacks including mobile applications (iOS/Android), cloud infrastructure, and modern application development
Expert-level threat modeling—you can identify design flaws that automated tools miss
Security architecture experience across diverse platforms: mobile (iOS/Android SDK security), cloud (AWS/GCP), embedded systems
CI/CD security integration—Jenkins, GitLab CI, GitHub Actions, CircleCI—where you've built security into build pipelines without breaking them
Working knowledge of OWASP SAMM 2.0, NIST SSDF, secure coding standards
Preferred
CISSP certification or other relevant security certifications
Experience with Cycode or similar ASPM platforms
CISSP, OSCP, GWAPT, or similar certifications
Experience securing location-based services or privacy-sensitive consumer applications
Contributions to open-source security tools, public security research, or conference speaking
Familiarity with SOC 2, ISO 27001, GDPR compliance requirements
Benefits
Medical, dental, vision, life and disability insurance plans (100% paid for employees)
401(k) plan with company matching program
Mental Wellness Program & Employee Assistance Program (EAP) for mental well-being
Flexible PTO, 13 company-wide days off throughout the year
Winter and Summer Weeklong Synchronized Company Shutdowns
Learning & Development programs
Equipment, tools, and reimbursement support for a productive remote environment
Free Life360 Platinum Membership for your preferred circle
Free Tile Products
Company
Life360
Life360 creates a mobile app for families that helps families feel closer together.
501-1000 employees
H1B Sponsorship
Life360 has a track record of offering H1B sponsorships. Please note that this does not
guarantee sponsorship for this specific role. Below presents additional info for your
reference. (Data Powered by US Department of Labor)
Distribution of Different Job Fields Receiving Sponsorship
Represents job field similar to this job
Trends of Total Sponsorships
2025 (15)
2024 (22)
2023 (17)
2022 (21)
2021 (17)
2020 (7)
Funding
Current Stage
Public CompanyTotal Funding
$460.24MKey Investors
Bryant Stibel InvestmentsRegal Funds ManagementDCM Ventures
2025-06-03Post Ipo Debt· $320M
2022-11-21Post Ipo Equity· $33.04M
2021-06-29Post Ipo Equity· $2.1M
Leadership Team
Chris Hulls
Co-Founder and Executive Chairman
Justin Moore
Chief Technology Officer
Recent News
2026-01-23
MarketScreener
2026-01-06
2026-01-06
Company data provided by crunchbase