Staff Security Engineer, Product Security jobs in United States

Aircall · 3 hours ago

Staff Security Engineer, Product Security

Aircall is a unicorn AI-powered customer communications platform used by over 22,000 companies worldwide. As a Staff Security Engineer, Product Security, you will drive product security strategy by integrating security into the product lifecycle, ensuring systems are secure and reliable while enabling teams to deliver quickly and safely.

Analytics, Call Center, Cloud Data Services, CRM, Enterprise Applications, SaaS, Software, Telecommunications, VoIP
H1B Sponsor Likely

Responsibilities

Drive and scale secure-by-design practices across product and engineering teams, integrating security into design, development, CI/CD, and release workflows
Lead security design and architecture reviews for major product initiatives; define security requirements, controls, and patterns that teams can adopt consistently
Own and evolve threat modeling practices, ensuring risks are systematically identified early and mitigations are validated
Perform deep technical assessments (manual code review, targeted security testing, validation of fixes) for high-impact findings and critical services
Identify and reduce classes of vulnerabilities across Aircall’s codebases and services (e.g., auth/authz flaws, injection, logic issues, SSRF, API security, cloud misconfigurations)
Build and improve security tooling and automation that scales across engineering (e.g., guardrails, CI checks, policy-as-code, leveraging AI for autonomous security-review processes that don’t slow delivery)
Triage and drive remediation of vulnerabilities discovered through internal testing, automated detection, and external reports (including coordinated disclosure where applicable)
Investigate and respond to product security incidents, helping with containment, root cause analysis, and prevention. Participate in on-call/threat-response rotations, escalating and coordinating during high-severity events
Stay up to date on attacker techniques (MITRE ATT&CK, red team reports, threat intel) and propose new detection patterns or responses accordingly
Serve as a trusted advisor to engineering and product leadership, translating security risks into pragmatic, prioritized actions and tradeoffs
Own cross-team product security initiatives (e.g., secure SDLC improvements, secure design frameworks, security champions, org-wide security patterns and standards)
Mentor and up-level engineers across security and product teams through reviews, pairing, coaching, and security education

Qualification

Product Security, Secure Software Engineering, Threat Modeling, Vulnerability Discovery, Programming Languages, Cloud-native Security, Automated Security Workflows, High Autonomy, Communication Skills

Required

8+ years of relevant experience in Product Security / Application Security / Secure Software Engineering (or equivalent)
Proven track record of leading product security work across multiple teams and influencing architecture and SDLC maturity at scale
Strong foundation in secure design, threat modeling, vulnerability discovery, and remediation strategies
Proficiency in one or more programming languages (Python/Java/JavaScript) and the ability to read code to identify security defects
Knowledge of common vulnerability classes and modern application risks (OWASP Top 10, API security, identity/auth patterns, cloud-native risk)
Experience designing or contributing to scalable, automated security review or decision-support workflows, including the use of AI-assisted systems to improve consistency, speed, or coverage
Familiarity with cloud-native infrastructure security (AWS/GCP/Azure + Kubernetes) and service-to-service security patterns
High degree of autonomy, initiative, and ownership; ability to drive entire initiatives with minimal oversight
Strong communication skills and ability to drive alignment across engineering/product partners

Preferred

Experience building proof-of-concepts/exploits or doing deep-dive vulnerability research
Experience applying AI/LLM techniques to improve internal security tooling, automate security workflows, or enhance security signal quality (e.g., structured reviews, correlation, prioritization, or validation)
Experience with bug bounty / vulnerability disclosure programs and working with external security researchers
Security certifications (OSCP, GWEB, CISSP) or demonstrated equivalent expertise
Contributions to open-source security tools, libraries, or security research

Benefits

Medical, dental, and vision insurance is 100% covered
401k plan with company matching!
Unlimited PTO — take the time you need to come to work feeling great!
Wellness, internet, and childcare reimbursements
Generous parental leave policy

Company

Aircall is a cloud-based call center software that integrates with CRM, productivity, and helpdesk tools.

H1B Sponsorship

Aircall has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Additional information is presented below for your reference. (Data Powered by US Department of Labor)
Distribution of Different Job Fields Receiving Sponsorship
Trends of Total Sponsorships
2025 (9)
2024 (3)
2023 (1)
2020 (4)

Funding

Current Stage: Late Stage
Total Funding: $225.55M
Key Investors: HubSpot Ventures, Goldman Sachs Asset Management, DTCP
2022-02-23: Series Unknown
2021-06-23: Series D · $120M
2020-05-27: Series C · $65M

Leadership Team

Scott Chancellor
Chief Executive Officer
Pierre-Baptiste Béchu
VP of Communications Platform
Company data provided by crunchbase