Back to all jobs
R

Product Security Engineer

Red Gate

Cambridge · us Full-time 1d ago

Job description

AT A GLANCE Location: Cambridge In-office expectation: Flexible hybrid, once every two weeks Employment type: Permanent Salary: £60,000 to £75,000, depending on experience WHY THIS ROLE EXISTS As Redgate's products scale and AI adoption accelerates across our engineering teams, security needs to be built in from the start rather than checked at the end. This role gives our product teams a trusted security partner who can embed good practice into everyday delivery, strengthen how we detect and prevent issues, and help security keep pace with how quickly we build. ABOUT REDGATE Redgate brings together people who want to do their best work in an environment built on trust, accountability and collaboration. We build solutions that help data professionals securely manage the data and databases their organisations depend on, a space that's only becoming more critical as systems scale, data regulations increase and AI adoption accelerates. AI AT REDGATE By 2028, Redgate will operate as an expert plus agent company: domain experts amplified by AI, delivering customer value at a pace our peers can't match. AI handles the heavy lifting, and our people control the judgement. Everyone at Redgate works with Claude, giving you access to the best AI tools from day one. WHY JOIN OUR PRODUCT SECURITY TEAM? - You'll be one of the first people building out Redgate's product security function, with real influence over how it takes shape rather than joining something already set in stone. - This is specialist security work: you'll be defining standards, governance and practice for engineering teams to work with, not a general engineering delivery role. - Security carries real weight here: you'll have the backing to do the job properly, not just sign off on delivery timelines. As a Product Security Engineer, you'll embed security into the software development lifecycle across multiple product teams. You'll help teams build, ship and operate secure software by defining requirements, improving detection and prevention through SAST and DAST, supporting application security governance and running threat modelling. - Partner with engineering and product teams to define and operationalise security requirements across the full SDLC, from design through to release. - Own or co-own application security governance, including secure-by-default standards, patterns and risk acceptance processes. - Drive SAST and DAST adoption and quality, from tool tuning through to triage workflows and severity calibration. - Support threat modelling for new features, architectural changes and high-risk services, turning findings into actionable engineering work. - Provide product security guidance for cloud-native environments, including AWS and containerised workloads. WHAT MAKES YOU A GREAT FIT - Hands-on product or application security experience within a modern SDLC, including requirements, design review, secure coding guidance and release support. - Strong knowledge of the OWASP Top 10 and practical mitigation patterns, with experience implementing or improving SAST/DAST processes and reducing false positives. - Working understanding of cloud and container security in an AWS and Docker environment, and comfort reviewing code across a primarily C# ecosystem. - Ability to translate security risk into actionable engineering priorities, balancing risk, delivery timelines and operational realities. - Strong communication skills, with the ability to build trust and influence engineering teams without formal authority, including when requirements or ownership aren't yet fully defined. WHAT WE OFFER Salary range: £60,000 to £75,000, depending on experience Hybrid working: home and Cambridge office Monthly wellbeing allowance and generous paid time off Genuine investment in learning, development and career progression Private health insurance WHAT HAPPENS NEXT? - Your application will be reviewed by a person. We don't use AI or automated tools to assess applications, and every profile is read by one of our Talent Partners. - You'll hear back within a few days. Whether it's a next step or a no, we aim to respond promptly so you're not left wondering. - Our interview process is straightforward and consistent. Belonging at Redgate We believe that people do their best work in an environment built on respect, fairness and trust, and that diverse perspectives lead to better outcomes. Redgate is an equal opportunity employer, and we make hiring decisions based on skill, potential and alignment with our values.