Staff Product Security Engineer - AI

Summary

Join Match Group as an AI-focused Staff Product Security Engineer and help ensure the highest security standards for our products and members. You will develop AI-powered tools to identify vulnerabilities, reduce false positives, and provide remediation guidance to engineering teams. This role involves security research, contributing to the security blog, and speaking at conferences. The ideal candidate has at least 5 years of application security experience, a strong track record of manual vulnerability testing, and experience with prompt engineering and AI models. Match Group offers flexible remote or hybrid work models in the US and a competitive compensation package.

Requirements

• At least 5 years of professional experience in application security
• A track record of manually testing for and identifying impactful vulnerabilities
• The ability to effectively partner and communicate with Engineering and Product teams
• Experience securing large-scale web/mobile applications, including performing security code reviews, vulnerability assessments, and manual testing for logic flaws
• Experience with various prompt engineering techniques and AI models to effectively develop tooling
• Ability to write clean and maintainable code integrating across various systems
• Experience publicly writing about or presenting security related work
• Bachelor’s Degree in Computing Science or related field

Responsibilities

• Develop tooling leveraging AI to identify security vulnerabilities in code and configuration oversights
• Pursue strategies to reduce tooling noise and false positives, leaving actionable security vulnerabilities to prioritize with the brand teams
• Interface with engineering teams and effectively convey impact and provide remediation guidance for vulnerabilities
• Take ownership of the security research function to contribute to the security blog and speak at security conferences

Preferred Qualifications

• Experience submitting high impact vulnerabilities to bug bounty programs, responsible disclosures, or published CVEs
• Public work in the security space such as tooling, blog posts, or conference talks outlining novel techniques
• The ability to identify gaps and pain points scaling application security and develop low-friction solutions through automation

Benefits

• Medical, mental health, and wellness benefits to support your overall health and well-being
• Competitive compensation, 100% employer match on 401k contributions up to 10% (cap at $10,000), as well as an employee stock purchase program to help you feel supported in your financial security
• Generous PTO and 18 paid holidays so you can unplug
• Annual training allowance for professional development and ERG membership opportunities and events so you feel connected and empowered in your work
• 20 weeks of 100% paid parental leave, fertility, adoption, and child care resources, as well as pet insurance and discounts