Product Security Engineer
About Us At Cloudflare, we are on a mission to help build a better Internet. Today the company runs one of the world’s largest networks tha…
About Us
At Cloudflare, we are on a mission to help build a better Internet. Today the company runs one of the world’s largest networks that powers millions of websites and other Internet properties for customers ranging from individual bloggers to SMBs to Fortune 500 companies. Cloudflare protects and accelerates any Internet application online without adding hardware, installing software, or changing a line of code. Internet properties powered by Cloudflare all have web traffic routed through its intelligent global network, which gets smarter with every request. As a result, they see significant improvement in performance and a decrease in spam and other attacks. Cloudflare was named to Entrepreneur Magazine’s Top Company Cultures list and ranked among the World’s Most Innovative Companies by Fast Company.
At Cloudflare, we’re not looking for people who wait for a polished roadmap; we’re looking for the builders who see the cracks in the Internet that everyone else has simply learned to live with. We value candidates who have the instinct to spot a "normalized" problem and the AI-native curiosity to create a solution using the latest tools. Our culture is built on iteration, leveraging AI to ship faster today to make it better tomorrow, while ensuring that every improvement, no matter how small, is shared across the team to lift everyone up. If you’re the type of person who values curiosity over bureaucracy, and that AI is a partner in solving tough problems to keep the Internet moving forward, you’ll fit right in.
Job Title - Product Security Engineer
Available Location - Bengaluru, India
Role Summary
As a Product Security Engineer, you will support security assessments and vulnerability operations for Cloudflare’s core software products. In this role, you will analyze system architecture, threat model new features, and ensure that product-related security findings are accurately triaged, routed to the correct engineering owners, and mitigated within our SLAs.
On any given day, you might conduct a deep-dive security review on a new feature design, triage a complex bug bounty submission, or work directly with engineering teams to resolve vulnerabilities from different sources like bug bounties, SAST, fuzzing and penetration tests. You will also work autonomously to identify areas where our manual processes slow down. You will write code and integrate AI/LLM solutions to automate initial triage and data enrichment, building tools that help the team handle security findings at scale. In short, your work will sit at the intersection of Product Security, Vulnerability Operations, and internal AI Tooling. Ideally, you have experience in conducting academic/vulnerability research with a focus on systems security.
Role Responsibilities
Implement AI Security Solutions: Identify process bottlenecks and build AI-driven tools or scripts to help automate code analysis, optimize triage, and streamline Product Security workflows.
Security Reviews & Threat Modeling: Conduct structured security reviews and threat modeling sessions (e.g., STRIDE) across product features, defining security requirements early in the development lifecycle.
Product Vulnerability Management: Manage the operational lifecycle of product security findings. Ensure vulnerabilities are verified, mapped to the correct engineering owner, and tracked to mitigation in alignment with established SLAs.
Bug Bounty Triage: Perform the technical triage and validation of Cloudflare’s external Bug Bounty submissions, verifying exploitability and evaluating business risk.
Pentest Coordination: Support internal and external penetration testing engagements by reviewing findings, clarifying technical context, and assisting development teams with remediation strategies.
Engineering Collaboration: Partner closely with DevOps and product teams, acting as a reliable security point of contact and helping developers implement secure coding practices.
Role Requirements (Must
Neutral 2–4 sentence summary of what working at this company is like, drawn from public reviews and press coverage. Tone, collaboration style, pace, benefits highlights.
£45,000 – £60,000 (Glassdoor, Levels.fyi, 2025)
About Us At Cloudflare, we are on a mission to help build a better Internet. Today the company runs one of the world’s largest networks tha…
With a strong security engineering background, you’re looking for a role that gives you the freedom to increase MongoDB’s resonance with cus…
With a strong security engineering background, you’re looking for a role that gives you the freedom to increase MongoDB’s resonance with cus…
MongoDB is seeking a Senior Product Security Engineer to drive cloud security initiatives for MongoDB Atlas and the cloud platforms that pow…
hackajob is collaborating with BAE Critical Skills to connect them with exceptional professionals for this role. Job Title: Principal Engine…
At Sonos we want to create the ultimate listening experience for our customers and know that it starts by listening to each other. As part o…