Senior Product Security Engineer - InfoSec - Bulgaria
Indexed description
The Team
Why will you enjoy this new opportunity?
The Product Security team focuses on securing Redis products by embedding security into every stage of development—combining automation, modern tooling, and emerging AI capabilities to stay ahead of evolving threats.
You’ll combine deep application security expertise with automation and AI-driven tooling to identify, prioritize, and remediate vulnerabilities. This is a hands-on role with high ownership, working closely with engineering teams to embed security into the development lifecycle and continuously improve our security posture.
The Role
What Type Of Work Will You Be Doing
- Own and operate vulnerability management processes across Redis products, from discovery through remediation and reporting
- Implement, evaluate, and manage AI-based security scanning tools to improve coverage and signal quality
- Conduct product security assessments using both traditional and AI-assisted techniques (e.g., SAST, DAST, code analysis, LLM-assisted review)
- Partner directly with engineering teams to triage findings, drive remediation, and improve secure development practices
- Integrate security tools and workflows into CI/CD pipelines to enable continuous, automated security testing
- Manage and triage findings from bug bounty platforms (e.g., HackerOne), ensuring timely validation and response
- Build automation to reduce manual effort in vulnerability tracking, reporting, and remediation workflows
- Use Jira to track, prioritize, and communicate security issues across teams
- Contribute to improving internal security standards, processes, and tooling
- 6+ years of experience in application security, product security, or a related field
- Strong experience operating vulnerability management programs, including triage, prioritization, and reporting
- Hands-on experience using Jira (or similar tools) to manage and track security issues at scale
- Experience working with bug bounty platforms such as HackerOne or Bugcrowd
- Practical experience with security tools (e.g., SAST, DAST, dependency scanning) and understanding their trade-offs
- Experience building or using automation (scripting, APIs, pipelines, or integrations) to improve security workflows
- Strong understanding of common application vulnerabilities (OWASP Top 10, secure coding practices)
- Ability to work cross-functionally and communicate clearly with engineering teams
- Experience with AI/ML-driven security tools or workflows (e.g., LLM-assisted code review, AI-based scanning)
- Familiarity with cloud-native environments (Kubernetes, containers, microservices architectures)
- Experience integrating security into modern CI/CD pipelines
- 25 days of vacation time
- Hybrid working options from both home and the office
- Home internet & phone monthly allowance
- One-time home-office setup allowance
- Health and dental insurance for you
- Personal life insurance
- Critical Illness Cover
- Lunch and snacks in the office
- Multisport/CoolFit card
Redis is committed to working with and providing access and reasonable accommodation to applicants with mental and/or physical disabilities. If you think you may require accommodations for any part of the recruitment process, please send a request to [email protected]. All requests for accommodations are treated discreetly and confidentially, as practical and permitted by law.
Any offer of employment at Redis is contingent upon the successful completion of a background check, consistent with applicable laws.
Redis reserves the right to retain data longer than stated in the privacy policy in order to evaluate candidates.
Create a free Caio profile to unlock more results and save your role and location preferences.
Unlock free search