Security Engineer, Product Security

Why Rogo

At Rogo, we are building Wall Street's first true AI analyst. Our mission is to empower finance professionals at the world’s top investment banks, private equity funds, and investment firms with AI that delivers unparalleled speed, accuracy, and insight. We are not just improving financial workflows; we are redefining them from the ground up.

This is a unique opportunity to join a generational company at a key inflection point. With a rapidly growing client base, proven product-market fit, and backing from world-class investors, we are scaling quickly and defining a new category of enterprise AI.

Our team is sharp, motivated, and deeply committed to the mission. We operate with intensity, take ownership of complex problems, and stay relentlessly focused on our users. If you thrive in a fast-paced environment, demand excellence, and want to help build the future of finance, we invite you to join us.

The Role

As a Security Engineer at Rogo, you’ll play a key role in strengthening the security of our products, applications, and cloud environments. You’ll identify and address vulnerabilities through code reviews, penetration testing, and security assessments, while also building tools and automation that improve how we protect our AI-driven platform.

You’ll partner closely with development teams to integrate security into the software development lifecycle, ensuring secure coding practices and automated scanning are part of everyday workflows. Beyond engineering, you’ll provide guidance to stakeholders and help continue to foster a culture where security is a shared responsibility.

What You Will Own

As a Product Security Engineer at Rogo, you will drive product and application security by designing and building backend systems, abstractions, tooling, and guardrails that enable the entire engineering team to ship products secure-by-default.

• Design, build, and maintain backend features, frameworks, services, and automation that enforce security controls across the platform.

• Perform dynamic security reviews, threat modeling, and penetration testing of applications and APIs.

• Own the end-to-end implementation of automated security reviews within Rogo’s SDLC.

• Contribute directly to backend codebases by fixing and remediating vulnerabilities discovered via SAST, DAST, SCA, IaC, or internal tooling.

• Design and implement security tools and automated pipelines that streamline developer workflows and integrate deeply with Rogo’s platform.

• Build and maintain test environments and simulation ranges to validate security controls at scale.

• Partner with engineers across the company to embed secure coding practices and guardrails into CI/CD pipelines.

• Create and maintain secure coding standards and provide guidance and training to developers.

• Review and secure cloud infrastructure and kubernetes deployments, including hands-on Terraform and other IaC improvements, as it relates to product security.

• Respond to security incidents, perform root cause analysis, and strengthen systems against recurring risks.

• Share emerging security threats, patterns, and best practices with engineering and leadership teams.

Great Candidates Often:

• Strong backend engineer whose primary job is to design, build, and maintain the abstractions, tooling, and guardrails that allow the entire engineering team to ship product securely by default, without slowing down velocity.

• Worked as a backend engineer owning systems, services, or platforms, building security capabilities directly into those systems.

• Professional experience developing in a strongly typed language (e.g., Rust, C++, Java).

• Demonstrated deep experience in application security testing, penetration testing, and code review.

• You’ve worked with, or are excited to learn, tools that help you understand how systems behave under stress or misuse (security-specific tools like Burp, ZAP, or Snyk are a plus)

• You’ve integrated automated checks into CI/CD pipelines (SCA, SAST, DAST)

• You’re comfortable working with infrastructure automation (Terraform or equivalents).

• Strong communication skills and ability to collaborate with developers, product teams, and leadership.

• Applied knowledge of threat modeling, cryptography fundamentals, and vulnerability management.

• Understanding of security frameworks such as SOC 2, CIS Benchmarks, ISO 27001/42001, or NIST CSF.

Bonus:

• Hands-on cloud security experience in AWS or GCP.

• Familiarity with Kubernetes security (RBAC, admission controllers, ingress, and network policies).

• Customer facing meetings when deep dive sessions are needed.

Who You Are

• You thrive in fast-paced environments. You are high-intensity and care a lot about what you do, and you're ecstatic to work at a startup.

• You are ambitious. You have fun solving problems that others think are impossible.

• You are curious. You find joy in learning about AI, technology, and finance.

• You are an owner. You are autonomous, self-directed, and comfortable working with ambiguity.

• You are collaborative, organized, thoughtful, and kind.

Why Join Rogo?

• Exceptional traction: strong PMF with the world's largest investment banks, hedge funds, and private equity firms.

• World-class team: we take talent density seriously. We like working with incredibly smart, driven people.

• Velocity: we work fast, which means you learn a lot and constantly take on more.

• Frontier technology: we're developing cutting-edge AI systems, pushing the boundaries of reinforcement learning and published research, redefining what's possible, and inventing the future.

• Cutting Edge Product: Our platform is state-of-the-art and crazily powerful. We're creating tools that make people smarter, reinventing finance works.