Valon Tech - Staff Product Security Engineer - Customer Platform

• Define and evolve product security architecture and strategy for Valon’s multi-tenant SaaS platform • Architect and guide secure implementation of customer-facing security capabilities in conjunction with Engineering (e.g., authentication / authorization models, identity integration, access controls, audit and logging, encryption / key management) • Build and maintain security reference architectures and standardized secure design patterns for product teams • Lead threat modeling, security design and code reviews for new features, services, and major architectural changes • Collaborate with Product, Engineering, Data, Compliance, Legal, and other teams to identify and drive mitigation for product and data security risks • Support vulnerability triage, remediation strategy, and root cause analysis for product security issues • Support security compliance and regulatory needs (e.g., SOC 2, CCPA, NYDFS, FTC), including customer-facing security discussions and due diligence • Develop, implement, and enforce security policies, standards, and procedures • Support operational activities including security advisory and consultative reviews, incident response, issue remediation, and other security processes • Ideal Background • Extensive experience in product security, application security, or security architecture roles, with ownership of security design for SaaS platforms including multi-tenancy and customer-facing security capabilities. • Strong background in cloud security and modern infrastructure, with hands-on experience securing cloud environments (GCP preferred). • Proven experience in SaaS IAM and tenant security (e.g., authentication/authorization, RBAC, SSO/SAML/OIDC, SCIM, MFA, audit logs). • Expertise in designing secure platform controls (e.g., APIs, service-to-service auth, encryption/KMS/CMEK, logging/monitoring) • Demonstrated ability to build and maintain security reference architectures. • Expert-level experience leading threat modeling and security design reviews including security-focused code reviews. • Applied knowledge with industry security and compliance frameworks (OWASP, NIST, CIS, SOC 2/ISO 27001 concepts) • Highly hands-on engineer with proven ability to operate autonomously, drive multiple complex cross-functional efforts, and influence independently. • Excellent communication and collaboration skills, including the ability to explain complex security concepts to both technical and non-technical stakeholders. • Prior software engineering experience and/or coding ability (Python) is preferred. • Experience working in high-growth or startup environments is a plus.