security
Posted Apr 29Staff Product Security Engineer
at Redditinc
United StatesRemote
Responsibilities
- Build and evolve secure frameworks, guardrails, and library-level controls that make common vulnerability classes harder to introduce.
- Design security controls for AI-assisted development — including reusable rule packs and skills that shape how engineers and coding agents generate, review, and ship code.
- Drive product security reviews for new launches and major architectural changes.
- Identify and eliminate systemic security debt.
- Shape strategy, influence architecture, and drive execution across teams. What We're Looking For 8+ years of
- Track record of mentoring engineers and raising the technical bar across a security or platform engineering org. Preferred
Requirements
- With 100,000+ active communities and approximately 121 million daily active unique visitors, Reddit is one of the internet’s largest sources of information.
- With 100,000+ active communities and approximately 97M+ daily active unique visitors, Reddit is one of the internet’s largest sources of information.
- Reddit is hiring a Staff Product Security Engineer to make the secure path the easiest path for engineers and AI agents.
- As AI-assisted development accelerates code velocity faster than manual review can absorb, this role exists to close that gap structurally — through guardrails, automation, and platform-level prevention that scale with the engineering org. What You'll Do
- experience in software engineering, product security, or application security, with at least 2 years operating at a staff level of scope and impact.
- Proficiency in one or more languages (Go, Python, JS/TS). •
- Experience building secure frameworks, libraries, or guardrails that improve security across many teams at once.
- Demonstrated ability to integrate security into developer workflows: CI/CD, code review, release processes, and internal platforms.
- Comfortable in fast-moving environments where AI-assisted development is reshaping how software is built and reviewed. •
- Experience with vulnerability discovery and remediation pipelines, including bug bounty or researcher-reported findings.
- Experience securing AI/LLM systems, agentic workflows, or AI-assisted development tooling.