Product Security Engineer

Airtable is the no-code app platform that empowers people closest to the work to accelerate their most critical business processes. More than 500,000 organizations, including 80% of the Fortune 100, rely on Airtable to transform how work gets done.

Join Airtable as a Product Security Engineer and play a pivotal role in shaping the security of our rapidly evolving platform as we expand our AI and LLM-powered offerings. You will join the team responsible for safeguarding the application layer of Airtable’s platform.

You will partner closely with product engineering teams to build paved roads, frameworks, and automated controls that make the secure path the easy path for our engineering teams. You will help influence application security at scale, ensuring our products are secure by design.

• Develop self-service security frameworks and 'paved roads' that allow engineering teams to ship secure code by default.
• Focus on automated guardrails for common vulnerabilities, while prioritizing deep-dive design reviews into complex business logic and data isolation issues (for example, multi-tenant isolation and authorization/permission bypasses) that automated tools cannot catch.
• Partner with product and engineering teams to review designs early, contribute to threat modeling for new features and complex initiatives, and provide clear, actionable security guidance.
• Research emerging threats and evolving best practices, specifically regarding AI and LLM safety, and implement controls to secure these workflows.
• Manage and evolve our approach to external penetration testing and bug bounties, driving remediation for findings and treating vulnerability management as an engineering problem.
• Contribute to the long-term roadmaps, metrics, and strategic planning for the security team.
• (Senior/Staff L5+) Lead complex threat modeling sessions for major product launches and define secure coding standards, and actively mentor other engineers to raise the technical security bar across the organization.

• 4+ years of experience in product security or application security, with experience shipping production code. Please note this is not an early career position.
• You have a strong background in computer science or a related field, with proficiency in writing clean, maintainable code.
• You have deep familiarity with JavaScript or TypeScript, Node.js, and modern web application frameworks, and can reason about the security implications of systems built on them.
• You have hands-on experience securing LLM integrations and identifying prompt injection or data leakage risks.
• You are proficient in writing and reviewing code and treat security as an engineering problem to be solved with software, not just policies.
• You excel at communicating complex security risks to non-security stakeholders and enjoy collaborating cross-functionally to find solutions that balance security with engineering velocity.
• You are comfortable working in a fast-paced environment, navigating ambiguity, continuously learning about emerging threats and technologies, and contributing to long-term security strategy.

Airtable is an equal opportunity employer. We embrace diversity and strive to create a workplace where everyone has an equal opportunity to thrive. We welcome people of different backgrounds, experiences, abilities, and perspectives. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, protected veteran status or any characteristic protected by applicable federal and state laws, regulations and ordinances. Learn more about your EEO rights as an applicant. 

VEVRAA-Federal Contractor

If you have a medical condition, disability, or religious belief/practice which inhibits your ability to participate in any part of the application or interview process, please complete our Accommodations Request Formand let us know how we may assist you. Airtable is committed to participating in the interactive process and providing reasonable accommodations to qualified applicants.

#LI-remote

Compensation awarded to successful candidates will vary based on their work location, relevant skills, and experience.

Our total compensation package also includes the opportunity to receive benefits, restricted stock units, and may include incentive compensation. To learn more about our comprehensive benefit offerings, please check out Life at Airtable.

Please see our Privacy Notice for details regarding Airtable’s collection and use of personal data relating to the application and recruitment process by clicking here.
For applicants that live in or have a link to Australia, please see this Privacy Collection Statement for details regarding Airtable's collection and use of personal data relating to the application and recruitment process.

🔒 Stay Safe from Job Scams
All official Airtable communication will come from an @airtable.com email address. We will never ask you to share sensitive information or purchase equipment during the hiring process. If in doubt, contact us at hr@airtable.com. Learn more about avoiding job scams here.