Senior Product Security Engineer

We are seeking a Senior Product Security Engineer to safeguard the products and services that power the World project. You will proactively embed security into every stage of the development lifecycle, addressing novel security challenges at a global scale to protect our users and ensure the integrity of a protocol designed for the majority of humanity.

Overview

Department

Engineering

Job type

Full time

Compensation

€147,000 - €180,000 per year

Location

Munich, Germany, Western Europe

Resume Assistance

See how well your resume matches this job role with our AI-powered score. By uploading your resume, you agree to our Terms of Service

Click to upload

or drag and drop

pdf, doc, or docx (max. 10MB)

Ready to apply?

You're one step away - it takes less than a minute to upload your resume

About the Company

World is a network of real humans, built on privacy-preserving proof-of-human technology, and powered by a globally inclusive financial network that enables the free flow of digital assets for all. It is built to connect, empower, and be owned by everyone.

About the Team

The Security team at Tools for Humanity operates at a level far beyond a regular company. Our objective is not just to secure an organization, but to build the trusted, foundational infrastructure for the world's largest identity and financial network. We are a team of over 15 seasoned engineers who are central to the success of theWorldprotocol. We tackle a unique and complex threatlandscapethat spans state-of-the-art hardware security for the Orb , advanced cryptography including new zero-knowledge proofs, and the security of a global, distributed cloud and mobile ecosystem. Our work is critical to enabling the protocol to scale to billions of users while upholding an unwavering commitment to fail-safe security and privacy.

About the Opportunity

Lead secure architecture reviews and threat modeling sessions for new application and cloud services.

Engineer and implement automated security guardrails and reusable libraries to make the secure path the easy path for developers.

Perform deep-dive, security-focused code and infrastructure reviews in languages like Rust, Go, and Python.

Own the vulnerability management process, from triaging bug bounty submissions to driving remediation efforts with engineering teams.

Mature and scale our Secure SDLC and bug bounty programs to keep pace with a rapidly growing engineering organization.

About You

You are a pragmatic and deeply technical security engineer who thrives on solving complex problems. You have a builder's mindset and are passionate about shipping secure products with "Extreme Urgency." You are comfortable with ambiguity and are driven by the opportunity to secure systems with world-changing potential.

6+ years of hands-on experience in Product Security, Application Security, or Cloud Security.

Proficient in code review and development in languages like Rust, Go, and Python.

Extensive experience securing modern AWS architectures and developing secure infrastructure-as-code (e.g., Terraform and CDK).

An expert in leading threat modeling sessions and providing actionable guidance to engineering teams.

A strong background in implementing and managing security tooling (SAST, DAST, SCA) and embedding security into CI/CD pipelines.

A deep understanding of web and API security principles (OWASP Top 10) and have experience securing distributed, mobile-first systems.

Nice to have: Experience scaling a security champions program, expertise in Kubernetes (EKS) and container security or a particular interest in securing mobile applications or smart contracts.

What We Offer

Pay transparency statement:

The reasonably estimated salary for this role at TFH ranges from €147,000 - €180,000, plus a competitive long term incentive package. Actual compensation is based on factors such as the candidate's skills, qualifications, and experience. In addition, TFH offers a wide range of best in class, comprehensive and inclusive employee benefits for this role including healthcare, dental, vision, a 401(k) plan and match, life insurance, flexible time off, commuter benefits, professional development stipend and much more!

If you don't think you meet all of the criteria but are still interested in the job, please apply. Nobody checks every box, and we're looking for someone excited to join the team.