Senior Product Security Engineer

Position Overview

• Location Type: Remote
• Employment Type: Full-Time
• Salary: (Salary not provided in the text)

Sanity is seeking a Senior Product Security Engineer who can balance hands-on security work with holistic product security responsibilities. This role will be instrumental in strengthening and developing our security posture while also supporting compliance initiatives and vendor management. The ideal candidate will have strong technical security skills and the ability to manage programs across security, compliance, and vendor ecosystems.

Joining our security team means becoming part of something bigger than just fixing vulnerabilities or reviewing code. You will be empowering creators, developers, and businesses to focus on what they do best while you handle the invisible shield that protects their digital assets. We believe security should enable innovation rather than hinder it, and we're looking for someone who shares our passion for building secure systems that help our customers shine in the digital world.

Requirements

• 5+ years of experience in security engineering roles as an individual contributor
• Based in the US, Canada, or Europe

Responsibilities

• Proactively engage with product teams and contribute code fixes when necessary
• Coordinate security pentesting activities and follow up on findings
• Triage and respond to security issues and bug bounty reports
• Review security requests for new libraries or vendors
• Act as a security advisor for product development
• Develop and maintain security tools and alerts
• Product Security Engineering
• Holistic security responsibilities
• Assist in managing and implementing the security aspects of our compliance program
• Contribute to compliance and security related questions from customers (RFIs)
• Support and lead vendor security assessments

About the Role

• This is not a Security Operations Center (SOC) role and does not require on-call, though your participation will be expected in order to address security incidents when they arise.
• Focuses on proactive security work integrated directly into our product development process, collaborating with teams to embed security from the beginning.
• Reports directly to the head of SRE, with a clear path for growth and the opportunity to have a large impact in the organization.

About Sanity.io

• Sanity.io is changing how forward-thinking companies like PUMA, Spotify, Figma, Riot Games, and Linear create digital experiences.
• Our content operating system replaces rigid legacy CMS solutions with a flexible, developer-first platform that gives engineers complete control to build without restrictions.

Company Information

• We believe security should enable innovation rather than hinder it.