Senior Product Security Engineer

Job Description: DataRobot delivers AI that maximizes impact and minimizes business risk. Our platform and applications integrate into core business processes so teams can develop, deliver, and govern AI at scale. DataRobot empowers practitioners to deliver predictive and generative AI, and enables leaders to secure their AI assets. Organizations worldwide rely on DataRobot for AI that makes sense for their business — today and in the future. DataRobot is seeking an experienced Senior Product Security Engineer to drive day-to-day security while ensuring our platform meets the rigorous demands of our on premises and hosted customers. This is a highly technical, high-impact role where you will operate at the intersection of engineering, automation, and security. You will serve as a member of our Engineering Product Security group, handle customer security inquiries, and build automation using Python. This role requires a unique blend of technical expertise and diplomatic communication skills to navigate complex customer conversations. Key Responsibilities: Security Engineering & Automation Automate Everything: Develop custom automation to manage security processes and implement "Secure-by-Design" processes in the CI/CD pipeline using Python. Container Security: Identify, design, and implement controls to safeguard our containerized production environments. Tooling Management: Deploy and manage product security testing tools for SAST, DAST, and SCA analysis (e.g., Semgrep, Trivy, Burp Suite). Threat Modeling: Review technical designs for new features, leading threat models to prioritize risks and educate developer teams on secure coding practices. Customer Trust & Vulnerability Management Threat Assessment & Security Analysis: Conduct and automate end-to-end vulnerability, threat, and exploitability assessments for actionable fixes and mitigations in DataRobot products. Incident Response: Perform initial technical investigation for customer reports and security incidents, coordinating with Engineering and IT Security to validate and track fixes. Customer Engagement: Work directly with Sales & Support teams to resolve concerns regarding security exposure and architecture. Customer-Centric Communication: Balance business needs with security rigor. You must be able to stand firm on security policies while maintaining strong professional relationships through clear, diplomatic, and solutions-oriented communication. Knowledge, Skills, and Abilities: Technical Proficiency: Fluent in writing code using Python to build security automation. Must have a deep understanding of Linux containers (internals, security isolation). Experienced in Git-based collaboration and automating software delivery through CI/CD integration (Jenkins, Harness, or GitHub Actions). Familiarity with Kubernetes orchestration is strongly preferred. Hands-on experience with common security tools such as Semgrep, Trivy, and Burp Suite. Ability to reproduce vulnerabilities in a lab environment to demonstrate impact. Strong ability to perform manual code reviews or AI assisted reviews in Python, Go, and Node.js, looking for flaws that automated tools might miss (e.g., broken access control or insecure business logic). Leveraged AI-driven automation to accelerate secure code development and scale security assessments across the SDLC. Independence: Ability to work independently on complex technical tasks with minimal supervision, while knowing when to escalate architectural decisions to Senior and Staff engineers. Strategic Mindset: Experience determining not just how to fix a bug, but why and how it happened and then automate how to prevent it systemically. Soft Skills: Strong communication skills for guiding teams and liaising with various stakeholders. Requisite Education and Experience: 5-7 years of experience working in Product Security or Application Security roles. Bachelor's in Computer Science, Cybersecurity, Information Systems, or a related field (or equivalent experience). The talent and dedication of our employees are at the core of DataRobot’s journey to be an iconic company. We strive to attract and retain the best talent by providing competitive pay and benefits with our employees’ well-being at the core. Here’s what your benefits package may include depending on your location and local legal requirements: Medical, Dental & Vision Insurance, Flexible Time Off Program, Paid Holidays, Paid Parental Leave, Global Employee Assistance Program (EAP) and more! DataRobot Operating Principles: Wow Our Customers Set High Standards Be Better Than Yesterday Be Rigorous Assume Positive Intent Have the Tough Conversations Be Better Together Debate, Decide, Commit Deliver Results Overcommunicate Research shows that many women only apply to jobs when they meet 100% of the qualifications while many men apply to jobs when they meet 60%. At DataRobot we encourage ALL candidates, especially women, people of color, LGBTQ+ identifying people, differently abled, and other people from marginalized groups to apply to our jobs, even if you do not check every box. We’d love to have a conversation with you and see if you might be a great fit. DataRobot is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, gender (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics. DataRobot is committed to working with and providing reasonable accommodations to applicants with physical and mental disabilities. Please see the United States Department of Labor’s EEO poster and EEO poster supplement for additional information. All applicant data submitted is handled in accordance with our Applicant Privacy Policy. Apply To This Job