• We are seeking a highly capable and pragmatic Senior Product Security Analyst to safeguard our products, platforms, and customers as we scale. • This is a senior individual contributor role with clear accountability and decision-making authority, responsible for independently identifying, assessing, and driving resolution of security risks across the product lifecycle. • Reporting to the Director, Product Security, you will act as the primary application and product security owner for assigned products, partnering closely with engineering, product management, cloud, and platform teams. • You will embed application-focused security practices into design and delivery, exercise sound technical and risk judgment in release decisions, and play a key role in advancing the maturity, consistency, and resilience of our product security capabilities in a fast-growing environment. • Act as the primary application and product security partner for assigned products and services, owning end-to-end security reviews from design through release. • Lead application-focused security assessments, including architecture reviews, threat modeling, and secure design validation for APIs, microservices, and SaaS platforms. • Independently assess security risk and approve, delay, or block releases when required, escalating decisions where business urgency or customer commitments necessitate alignment. • Provide authoritative, risk-based guidance to engineering teams, helping them understand not just what needs to be fixed, but also include security and risk context. • Own vulnerability triage and prioritization for assigned products, ensuring findings are contextualized based on exploitability, exposure, and business impact. • Interpret results from application security testing activities (SAST, DAST, SCA, manual reviews), translating technical findings into actionable remediation guidance. • Monitor relevant external threats, attack techniques, and vulnerability trends, proactively assessing applicability to products and platforms. • Support investigation and remediation of product- and application-related security incidents. • Partner with engineering, platform, and cloud teams to embed secure-by-design practices into the SDLC, with a strong emphasis on application-layer controls. • Apply hands-on technical judgment to validate engineering assumptions, challenge risk decisions, and ensure security controls are implemented effectively. • Contribute to the evolution of application security standards, guardrails, and review practices that scale across multiple product teams. • Support alignment of application and product security practices with applicable frameworks such as PCI DSS and GDPR, focusing on practical security outcomes rather than checkbox compliance. • Translate internal controls into actionable engineering requirements and support evidence collection for audits and assessments as needed. • Coordinate and support penetration testing, bug bounty programs, and third-party security assessments, ensuring timely remediation and risk closure. • Build trusted, durable relationships with product, engineering, cloud, platform, and CGRC teams. • Clearly articulate security risk, trade-offs, and remediation options to both technical and non-technical stakeholders. • Contribute to the long-term maturity of the product and application security program through pattern recognition, continuous improvement, and shared learning.