Senior Product Security Engineer

Secure our applications, improve our security posture, and integrate security into the software development lifecycle

Location

Remote [Poland]

Annual Fee

100,000 - 130,000

Attio is on a mission to redefine CRM for the AI era.

We’re building the first AI-native CRM — designed for the most ambitious go-to-market teams. Backed by top VCs including Redpoint, Balderton, and Point Nine, our team thrives on solving complex technical challenges, delighting our users, and setting a new standard for the industry.

About the role

Our Engineering team tackles the toughest challenges, so our users never have to. Real-time infrastructure, AI-native architecture, and a frontend that feels effortless - all powered by a team that moves fast, thinks rigorously, and holds an exceptionally high bar for quality.

Attio Engineering is organized into small product teams (3-4 engineers plus a designer) that independently own sections of the product. Our engineers are empowered as Product Engineers, with work extending beyond code to full ownership of product impact.

We’re looking a Senior Product Security Engineer who thrives on complexity, builds for scale, and wants to help reinvent how millions of people work.

What you'll do

  • Work together with Product Engineers and Site Reliability Engineers to keep the Attio product and customer data secure

  • Catch security bugs through testing, scanning, and code reviews before they hit production

  • Facilitate and participate in penetration testing projects

  • Build and maintain a comprehensive threat model for various Attio applications

  • Protect Attio code from supply chain attacks

What you'll bring

  • Experience securing Web applications, REST APIs, and cloud-native architectures

  • Proficiency in threat modelling and finding security flaws in source code

  • Experience with vulnerability management and supply chain security

  • Practical understanding of cryptography, key management, and data protection

  • Strong coding and automation skills, especially in building security into CI/CD pipelines

  • Experience with TypeScript, Node.js, or Pulumi is a nice to have

What does the hiring process look like?

  1. An introductory call with a member of our Talent team ~ 30 minutes

  2. A meeting with a member of Attio's SIP team to discuss your experience and aspirations ~ 45 minutes

  3. Technical Interviews

  4. A meeting with Attio's CTO to discuss your technical experience ~ 45 minutes

  5. Final call with Attio’s CEO to discuss our culture and values ~ 30 minutes

  6. Offer stage

A lot of our interviews are enabled through self-scheduling but we are always on hand to speak to you or answer questions throughout the process. At the offer stage, you may want to speak to more of the team, see a demo or have other suggestions for us to enhance your experience.