Sr Product Security Engineer

Posted 5 Days Ago
Be an Early Applicant
Hiring Remotely in Brazil
Remote
Senior level
Consumer Web
The Role
Lead product security efforts by integrating and operating SAST/DAST/SCA/CNAPP tooling in CI/CD, building automation and LLM-assisted security tooling, performing vulnerability identification and remediation, conducting security testing across the SDLC, and partnering with engineering to embed security-by-default practices and measure security initiative impact.
Summary Generated by Built In

At Playlist, life's richest moments happen when people step away from screens to move, connect, explore, and play. We're building the definitive platform for intentional living, connecting people with inspiring experiences in fitness, wellness, and beyond. With popular brands like Mindbody and ClassPass, Playlist empowers businesses and individuals, making it effortless for aspirations to become actions. Join us in reshaping technology's role to foster meaningful, real-world connections.

ClassPass offers thousands of fitness and wellness experiences worldwide, helping people lead active, balanced lifestyles. Our platform makes discovering and enjoying activities simple, personalized, and joyful—whether it's fitness classes, self-care sessions, a healthy lunch, or a new adventure. Join us in shaping healthier, more vibrant communities around the globe.

Employment Type (Brazil): This position is offered as a CLT (Consolidação das Leis do Trabalho) employee role. Candidates must be comfortable being hired under a CLT employment arrangement.

Who we are

 We are a dedicated team of product security engineers committed to developing and supporting ground-breaking software products. Together we will work to safeguard the future, enabling wellness businesses worldwide to empower their customers to lead healthy lives. Driven by a higher purpose, we continuously challenge ourselves and our organization to excel, recognizing the strength that comes from collaborative efforts toward a common objective. We are strong advocates for a diverse workplace, fostering an environment where individuals can bring their authentic selves to contribute to our shared success. At the core of our achievements is a deep belief in the value of our people. If you share our passion and vision, we invite you to consider joining our team. Together, we can explore remarkable feats and make a lasting impact! 

Your role 

  • As a Senior Security Engineer, you will be responsible for contributing to the success of the Product Security team in several key areas.  You’ll work to reduce security friction across engineering by fostering partnership and collaboration to enhance our security posture.  Security enablement will be a crucial aspect of your responsibilities, spanning devsecops integration, automation, vulnerability identification, and remediation, and hands-on tooling development. You will own the integration and operation of SAST, DAST, SCA, and CNAPP solutions within synchronous and asynchronous pipelines — identifying issues, submitting remediation PRs, and validating fixes through automated retesting. You will also build, maintain, and continuously improve agentic security tooling that scales the team’s capabilities across all phases of the SDLC.
  • You’ll play a vital role to ensure software solutions are secure by default.  You will facilitate continuous security testing, measurability, and reporting on the impact of security initiatives.  
  • You’ll pursue continuous improvement to help Playlist achieve its mission: Powering the world’s fitness and wellness businesses and connecting them with more consumers, more effectively, than anyone else. 

You will

  • Partner with software engineering and platform teams to identify and solve complex security problems.
  • Operate, integrate, and continuously tune SAST, DAST, SCA, and CNAPP tooling within pipelines — supporting engineering, triaging findings, driving remediation, and measuring coverage and effectiveness over time.
  • Design, build, and maintain agentic security tools — including LLM-assisted workflows for exploitable code identification, vulnerability triage, and remediation guidance — deployed across planning, development, testing, and production phases of the SDLC.
  • Identify security gaps and demonstrate strategic recommendations for remediation.
  • Address security issues identified throughout the secure software development lifecycle.
  • Conduct security testing, beginning with the product planning phase continuing through production deployment.
  • Define and integrate security requirements ensuring alignment with industry standards and best practices.
  • Ability to work independently, and lead both cyber security and cross functional security initiatives.
  • Stay abreast of emerging security threats, vulnerabilities and controls.

About the right team member

You are an intellectually curious senior engineer who is passionate about creating impactful security solutions and who communicates those solutions clearly to both technical and non-technical audiences. You bring deep expertise in devsecops, cloud security, and application security — and you write code to solve security problems, not just identify them. You are fluent in one or more modern languages (Python, .NET, or TypeScript preferred) and comfortable building automation, integrations, and agentic tooling. You have a software engineering background and are eager to apply it to grow the Product Security function while working closely with security champions, engineering teams, and company leadership. 

You will thrive in this role with experience

  • 4+ year experience across multiple security domains with an emphasis on product security and cloud-native security.
  • Possess verifiable software engineering and penetration testing skills.
  • 2+ year senior security experience leading and executing product security initiatives (i.e. devsecops, security consulting, and penetration testing).
  • Proficiency with modern languages including Python, .NET, or TypeScript, with hands-on experience building security automation, integrations, and agentic tooling.
  • Hands-on experience operating and integrating SAST, DAST, SCA, WAF, and CNAPP solutions (e.g., Semgrep, Checkmarx, Snyk, Wiz, or equivalents) within CI/CD pipelines.
  • Hands-on experience with design, code review, and securing products and solutions for public cloud-based applications and infrastructure.
  • Experience with offensive testing tools like Burp Suite and Kali Linux.
  • Experience securing applications deployed using Docker, Kubernetes, and public cloud environments.
  • Product Security experience working for a SaaS-based organization or within a consulting firm.
  • Excellent leadership skills with a track record of driving security initiatives within software development teams.
  • Excellent communication skills (both written and verbal).
  • Self-motivated, self-directed, and self-organized.
Have we piqued your curiosity?

Sound like the role for you? We’d love to hear from you! Even if you’re not 100% sure about potential fit, we still encourage you to apply. We’re looking for the right person, not the perfect series of checkboxes.

The Company is an Equal Opportunity Employer. We highly value diversity at our company and encourage people of all different backgrounds, experiences, abilities and perspectives to apply. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, disability status, or other protected characteristics.

By entering your email and phone number and submitting your application, you consent to receive emails, calls and SMS about your application and other roles at The Company, including by auto-dialer. Message and data rates may apply. Opt-out or text STOP to cancel at any time. If you are a California resident or reside outside the United States then by submitting your application you confirm that you have read, understood, agree and - where applicable - grant your prior, free, informed and express consent for the processing of your personal information, including sensitive personal information, as described in our California Applicant Privacy Notice or International Applicant Privacy Notice (as applicable).

Skills Required

  • 4+ years experience across multiple security domains with emphasis on product and cloud-native security
  • 2+ years senior security experience leading product security initiatives (devsecops, consulting, penetration testing)
  • Verifiable software engineering and penetration testing skills
  • Proficiency with Python, .NET, or TypeScript and hands-on experience building security automation and integrations
  • Hands-on experience operating and integrating SAST, DAST, SCA, WAF, and CNAPP tools (e.g., Semgrep, Checkmarx, Snyk, Wiz)
  • Experience with offensive testing tools such as Burp Suite and Kali Linux
  • Hands-on experience securing and reviewing code for public cloud-based applications and infrastructure
  • Experience securing applications deployed with Docker and Kubernetes
  • Experience building or maintaining agentic/LLM-assisted security tooling and automation
  • Product Security experience in a SaaS organization or consulting firm
  • Excellent leadership and written/verbal communication skills and ability to lead cross-functional initiatives
  • Comfortable being hired under Brazil CLT employment arrangement (for Brazil candidates)

ClassPass Compensation & Benefits Highlights

The following summarizes recurring compensation and benefits themes identified from responses generated by popular LLMs to common candidate questions about ClassPass and has not been reviewed or approved by ClassPass.

  • Fair & Transparent Compensation Compensation in certain product and engineering roles is described as market-competitive. Pay in these areas is framed more favorably than in quota-carrying functions.
  • Wellbeing & Lifestyle Benefits Offerings include wellness perks such as fitness stipends and access to wellness programs that add value beyond base pay. Remote-friendly policies and stipends also support everyday well-being.
  • Leave & Time Off Breadth Benefits include paid holidays and sick time, with additional indications of generous PTO and parental leave. These provisions broaden the non-cash value of employment.

ClassPass Insights

Am I A Good Fit?
beta
Get Personalized Job Insights.
Our AI-powered fit analysis compares your resume with a job listing so you know if your skills & experience align.

The Company
HQ: Missoula, MT
490 Employees
Year Founded: 2012

What We Do

Discover the best workouts around. Search gyms and studios near you, book a spot and get moving. Join our quickly-growing team and you’ll have an incredible opportunity to build a career with a high-growth startup while empowering others to reach their fitness goals. Companies can also give their employees access to our global network of fitness studios and gyms with one membership, while increasing engagement, retention and saving on healthcare costs.

Similar Jobs

Function Health Logo Function Health

Security Engineer

Information Technology • Consulting
Remote
14 Locations
116 Employees

Mastercard Logo Mastercard

Enterprise Operations Engineer (A/V)

Blockchain • Fintech • Payments • Consulting • Cryptocurrency • Cybersecurity • Quantum Computing
Remote or Hybrid
São Paulo, BRA
38800 Employees

Tapestry - Coach and Kate Spade Logo Tapestry - Coach and Kate Spade

Temporary Associate

eCommerce • Fashion • Retail • Sales • Wearables • Design
Remote or Hybrid
14 Locations
16000 Employees
15-20 Hourly

Mastercard Logo Mastercard

Specialist, Customer Success Operations & Enablement

Blockchain • Fintech • Payments • Consulting • Cryptocurrency • Cybersecurity • Quantum Computing
Remote or Hybrid
São Paulo, BRA
38800 Employees

Similar Companies Hiring

Munchkin, Inc. Thumbnail
Consumer Web • eCommerce • Food • Kids + Family • Design • Manufacturing
Milton, Ontario
325 Employees
Hedra Thumbnail
Software • News + Entertainment • Marketing Tech • Generative AI • Enterprise Web • Digital Media • Consumer Web
San Francisco, CA
14 Employees
Bankrate Thumbnail
Artificial Intelligence • Consumer Web • Digital Media • Fintech • Marketing Tech • Software • Financial Services
US
160 Employees

Sign up now Access later

Create Free Account

Please log in or sign up to report this job.

Create Free Account