Product Security Engineer (2027)

Hiring expert Product Security Engineers to be part of a young and leading Enterprise SaaS Product Company that's redefining the Loyalty domain!

AboutLJI

Loyalty Juggernaut (LJI) is a leading B2B SaaS company redefining how enterprises drive customer engagement and loyalty. Our flagship platform, GRAVTY, enables global brands to transform loyalty programs into measurable, revenue-generating growth engines.

Built as an AI-first, next-generation solution, GRAVTY empowers organizations to deliver highly personalized, real-time experiences at scale-helping them increase customer lifetime value and deepen brand relationships.

Headquartered in Palo Alto, California, LJI partners with leading enterprises across 16 major industries including airlines, retail, hospitality, financial services and telecommunications powering some of the most innovative loyalty ecosystems worldwide.

OurGlobalImpact:

• 400+Millionmembersconnectedthroughourplatform.
• 100+GlobalBrandstrustustodriveloyaltyandbranddevotion.
• 3-TimeWinnerof"BestTechnologyInnovationinLoyalty".
• GlobalrecognitionsforExcellenceinLoyaltyManagementundernumerouscategories.
• Recognisedasa'Strongperformer'inTheForresterWaveLoyaltyPlatforms,Q42025.

Exploremoreaboutusatwww.lji.io

As a Product Security Engineer, you'll to ensure the security ofGRAVTYthroughout the development lifecycle. In this role, you will work closely with Engineering, DevOps, and Product teams to design and implement security controls, identify vulnerabilities, and drive secure coding practices.

Your responsibilities will include and not limited to

• Lead and conduct Vulnerability Assessment and Penetration Testing (VAPT) across web, mobile, API, and infrastructure.
• Think like an attacker and simulate advanced threat scenarios to proactively identify security gaps.
• Utilize leading security tools such as Burp Suite, Acunetix, OWASP ZAP, Snyk, Wiz, and others.
• Leverage offensive security platforms and toolkits like Wireshark, Metasploit, Kali Linux, and more.
• Perform API and mobile platform security testing, including vulnerability discovery and exploit validation.
• Execute and document Open-Source Intelligence (OSINT) investigations.
• Collaborate closely with DevOps/Engineering to integrate security tools into CI/CD pipelines and promote DevSecOps best practices.
• Contribute to secure coding reviews and vulnerability triage, and assist in patch, compliance, and access control management.
• Monitor and respond to production security alerts and assist with security incident handling.

To be successful in this role, you should have

• A bachelor's degree in engineering, preferably CS/IT.
• 0-1 year of proven experience in penetration testing and vulnerability management.
• Strong coding/scripting proficiency in Python, Java, Ruby, or similar.
• Familiarity with AWS cloud, Linux systems, Docker containers, and infrastructure security practices.
• Industry-recognized certifications like CEH, eWPT, eWPTX, or equivalent are a plus.
• Excellent analytical, communication, and collaboration skills.
• A curious mind, a passion for security, and a knack for staying one step ahead of adversaries.