Staff Product Security Engineer

Overview

This is an incredible opportunity to be part of a company that has been at the forefront of AI and high-performance data storage innovation for over two decades. DataDirect Networks (DDN) is a global market leader renowned for powering many of the world's most demanding AI data centers, in industries ranging from life sciences and healthcare to financial services, autonomous cars, Government, academia, research and manufacturing.

"DDN's A3I solutions are transforming the landscape of AI infrastructure." – IDC 

“The real differentiator is DDN. I never hesitate to recommend DDN. DDN is the de facto name for AI Storage in high performance environments” - Marc Hamilton, VP, Solutions Architecture & Engineering | NVIDIA 

DDN is the global leader in AI and multi-cloud data management at scale. Our cutting-edge data intelligence platform is designed to accelerate AI workloads, enabling organizations to extract maximum value from their data. With a proven track record of performance, reliability, and scalability, DDN empowers businesses to tackle the most challenging AI and data-intensive workloads with confidence. 

Our success is driven by our unwavering commitment to innovation, customer-centricity, and a team of passionate professionals who bring their expertise and dedication to every project. This is a chance to make a significant impact at a company that is shaping the future of AI and data management. 

Our commitment to innovation, customer success, and market leadership makes this an exciting and rewarding role for a driven professional looking to make a lasting impact in the world of AI and data storage. 

Job Description

As a Staff Product Security Engineer – Infinia, you’ll play a foundational role in how we build and secure one of our most critical products. This is a high-impact, hands-on engineering role focused on embedding security into our development lifecycle, tooling, and infrastructure — without slowing product velocity.

You’ll work closely with DevOps, Engineering, and Compliance partners to drive vulnerability remediation, threat modeling, and secure-by-default architecture. You’ll also lead efforts to integrate automated security checks (SCA, SAST, DAST, secrets detection) into our CI/CD workflows and influence engineering culture with scalable, developer-friendly practices.

Key Responsibilities

Security Integration & Engineering Partnership

• Lead vulnerability triage and remediation with engineering and DevOps teams
• Integrate and manage security tooling (SCA, SAST, DAST, secrets detection) in CI/CD pipelines
• Collaborate with DevOps to embed security controls with smooth pipeline operations.
• Conduct threat modeling and secure design reviews for high-impact features

Technical Leadership & Enablement

• Develop automated workflows for vulnerability tracking, ticketing, and alerting
• Author security best practices, code hardening guides, and internal playbooks
• Act as a senior security voice during architecture reviews and design discussions
• Contribute to onboarding and enablement of security-minded engineering habits

Forward Planning & Operational Security

• Support customer security assessments and internal reviews
• Guide adoption of security baselines aligned to CIS/NIST frameworks
• Influence product roadmap decisions with a security-first mindset

Required Qualifications

• 8+ years in product/application security or secure software development
• Proven experience with SAST/SCA tooling and secure CI/CD pipelines
• Strong understanding of secure design principles (authN/authZ, input validation, etc.)
• Familiarity with cloud infrastructure (AWS/GCP), containers, and modern DevOps workflows
• Excellent collaboration skills across engineering, DevOps, and product

Preferred Qualifications

• Familiarity with tools like Trivy, Semgrep, tfsec, Checkov
• Experience with IaC security, Kubernetes hardening, or pipeline guardrails
• Exposure to frameworks like NIST 800-53, CIS Benchmarks, or OWASP SAMM
• Participation in secure coding education or developer security programs

This position requires participation in an on-call rotation to provide after-hours support as needed.

• Review and validate existing security tool integrations
• Shadow vulnerability remediation workflows
• Deliver recommendations for improving CI/CD security checks
• Identify priority areas for hardening and developer guidance

Success Metrics – Beyond 30 Days

• Security tooling adopted and running as part of build pipelines
• Measurable reduction in open vulnerabilities or SLA breaches
• Documented best practices in use across multiple teams
• Participation in or leadership of threat modeling sessions
• Positive feedback from engineering partners on workflow impact

DDN

Join our dynamic and driven team, where engineering excellence is at the heart of everything we do. We seek individuals who love to challenge themselves and are fueled by curiosity. Here, you'll have the opportunity to work across various areas of the company, thanks to our flat organizational structure that encourages hands-on involvement and direct contributions to our mission. Leadership is earned by those who take initiative and consistently deliver outstanding results, both in their work ethic and deliverables, making strong prioritization skills essential. Additionally, we value strong communication skills in all our engineers and researchers, as they are crucial for the success of our teams and the company as a whole.

Interview Process: After submitting your application, one of our recruiters will review your resume. If your application passes this stage, you will be invited to a 30-minute interview during which a member of our team will ask some basic questions. If you clear the interview, you will enter the main process, which can consist of up to four interviews in total:

• Coding assessment: Often in a language of your choice.
• Systems design: Translate high-level requirements into a scalable, fault-tolerant service (depending on role).
• Real-time problem-solving: Demonstrate practical skills in a live problem-solving session.
• Meet and greet with the wider team.
• Our goal is to finish the main process in 2-3 weeks at most.

DataDirect Networks (DDN) is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity, gender expression, transgender, sex stereotyping, sexual orientation, national origin, disability, protected Veteran Status, or any other characteristic protected by applicable federal, state, or local law.

#LI-Remote