Security Engineer

Your role
As a Security Engineer focused on Product Security and AI, you will help secure Dialpad’s applications, platforms, and AI-powered capabilities throughout the product lifecycle.

You will partner closely with software engineers, infrastructure teams, product managers, and AI practitioners to identify risks early, design secure architectures, and raise the security bar across our products. This role blends hands-on technical depth with strong business judgment and a modern understanding of how AI changes the application security landscape.

This position reports to the Chief Security Officer and offers the opportunity to work on some of Dialpad’s most critical customer-facing systems and emerging AI initiatives.

What you’ll do

• Partner with engineering teams to design and review secure architectures for customer-facing products, APIs, integrations, and internal platforms.
• Lead product security reviews, threat modeling sessions, and design assessments for new features and major platform changes.
• Identify, validate, and drive remediation of application security issues across web, backend, cloud, mobile, and API surfaces.
• Build and improve security guardrails in the software development lifecycle, including secure defaults, testing, and automation.
• Define security requirements and review controls for AI and Agentic features, including prompt handling, data exposure risks, abuse cases, and third-party AI services.
• Collaborate with engineering teams on secure coding practices, vulnerability management, and risk-based remediation.
• Improve product and AI security telemetry, detection opportunities, and response readiness in partnership with detection and infrastructure teams.
• Contribute to security standards, reference architectures, and developer-facing guidance that scale across teams.
• Support security reviews for external integrations, partner ecosystems, and features that handle sensitive customer data.
• Help investigate product and application security incidents and translate learnings into durable engineering improvements.

Skills you'll bring

• 5+ years of experience in application security, product security, security engineering, or software engineering with a strong security focus.
• Strong understanding of modern application security principles across web applications, APIs, authentication, authorization, and cloud-native systems.
• Experience conducting threat modeling, secure design reviews, and technical risk assessments.
• Experience finding and prioritizing vulnerabilities using manual testing, code review, and security tooling.
• Familiarity with secure SDLC practices and experience embedding security into engineering workflows.
• Strong understanding of common classes of product risk such as injection, access control failures, secrets exposure, insecure deserialization, SSRF, and supply chain risk.
• Practical knowledge of securing AI-enabled products, including LLM-related risks, prompt injection, data leakage, insecure tool use, model abuse, and third-party AI integrations.
• Ability to write clear technical guidance and influence teams without creating unnecessary friction.
• Strong communication skills and the ability to work cross-functionally with engineering, product, legal, and compliance stakeholders.
• Comfort balancing security rigor with product velocity and business priorities.