Why This Job is Featured on The SaaS Jobs
Product security roles are becoming a defining function inside SaaS companies as more of the customer experience moves through APIs, integrations, and AI-assisted workflows. This Security Engineer remit spans core application surfaces and explicitly includes AI-powered capabilities, signalling a product-led environment where security decisions are made alongside feature design rather than after release. Reporting to the Chief Security Officer also suggests direct proximity to company-wide risk prioritisation.
For a SaaS career, the strongest leverage here is breadth across the modern delivery stack. Experience threat modelling new features, shaping secure architectures, and building SDLC guardrails translates well across subscription businesses where frequent releases and multi-tenant data handling are the norm. The AI focus adds a current, portable skill set around emerging abuse cases, third-party model dependencies, and telemetry for novel attack patterns.
This role fits security engineers who prefer influencing outcomes through partnership with product and engineering teams, not only running audits. It will suit someone comfortable moving between deep technical validation and writing practical guidance that scales across teams. The scope also aligns with professionals who want their work tied to customer-facing systems and the tradeoffs that come with shipping secure SaaS products.
The section above is editorial commentary from The SaaS Jobs, provided to help SaaS professionals understand the role in a broader industry context.
Job Description
Your role
As a Security Engineer focused on Product Security and AI, you will help secure Dialpad’s applications, platforms, and AI-powered capabilities throughout the product lifecycle.
You will partner closely with software engineers, infrastructure teams, product managers, and AI practitioners to identify risks early, design secure architectures, and raise the security bar across our products. This role blends hands-on technical depth with strong business judgment and a modern understanding of how AI changes the application security landscape.
This position reports to the Chief Security Officer and offers the opportunity to work on some of Dialpad’s most critical customer-facing systems and emerging AI initiatives.
What you’ll do
- Partner with engineering teams to design and review secure architectures for customer-facing products, APIs, integrations, and internal platforms.
- Lead product security reviews, threat modeling sessions, and design assessments for new features and major platform changes.
- Identify, validate, and drive remediation of application security issues across web, backend, cloud, mobile, and API surfaces.
- Build and improve security guardrails in the software development lifecycle, including secure defaults, testing, and automation.
- Define security requirements and review controls for AI and agentic features, including prompt handling, data exposure risks, abuse cases, and third-party AI services.
- Collaborate with engineering teams on secure coding practices, vulnerability management, and risk-based remediation.
- Improve product and AI security telemetry, detection opportunities, and response readiness in partnership with detection and infrastructure teams.
- Contribute to security standards, reference architectures, and developer-facing guidance that scale across teams.
- Support security reviews for external integrations, partner ecosystems, and features that handle sensitive customer data.
- Help investigate product and application security incidents and translate learnings into durable engineering improvements.
Skills you'll bring
- 5+ years of experience in application security, product security, security engineering, or software engineering with a strong security focus.
- Strong understanding of modern application security principles across web applications, APIs, authentication, authorization, and cloud-native systems.
- Experience conducting threat modeling, secure design reviews, and technical risk assessments.
- Experience finding and prioritizing vulnerabilities using manual testing, code review, and security tooling.
- Familiarity with secure SDLC practices and experience embedding security into engineering workflows.
- Strong understanding of common classes of product risk such as injection, access control failures, secrets exposure, insecure deserialization, SSRF, and supply chain risk.
- Practical knowledge of securing AI-enabled products, including LLM-related risks, prompt injection, data leakage, insecure tool use, model abuse, and third-party AI integrations.
- Ability to write clear technical guidance and influence teams without creating unnecessary friction.
- Strong communication skills and the ability to work cross-functionally with engineering, product, legal, and compliance stakeholders.
- Comfort balancing security rigor with product velocity and business priorities.