Senior Product Security Engineer

As MISO's Senior Product Security Engineer, you will help strengthen the security of systems that support the reliable delivery of electricity to millions of people. You will serve as a subject matter expert across IT, software engineering, and product teams to ensure that security is embedded throughout the entire product lifecycle, from design through deployment and end of life. This role focuses on building and scaling secure development practices so that engineering teams can consistently create secure, resilient applications. You'll help shape security-first development processes, identify vulnerabilities early, and partner with teams across the organization to reduce risk and improve product security at scale.

Your responsibilities as our Senior Product Security Engineer will include:

• Establishing and maturing application security practices, processes, policies, and standards for internally and externally developed applications across on-premises and cloud environments, leveraging frameworks such as NIST SSDF/CSF and standards like OWASP ASVS to define and verify security requirements.
• Educating and enabling development teams to adopt secure coding practices and embed security into everyday engineering workflows, partnering across IT, engineering, and product teams to promote a security-first culture.
• Conducting security architecture reviews and threat modeling to ensure applications are designed with strong security controls and align with organizational and industry best practices.
• Implementing and executing application security testing, including SAST and DAST, and integrate automated security tools within CI/CD pipelines to detect vulnerabilities early in the development lifecycle.
• Identifying, triaging, and tracking application vulnerabilities, collaborating with developers and cybersecurity teams to prioritize remediation, support incident investigations, and continuously assess product ecosystems and third-party integrations for potential risks.

Skills needed for our Senior Product Security Engineer:

• Bachelor's degree in Computer Science, Information Security, or a related field, with strong understanding of authentication, networking, encryption, and core security principles.
• At least 5+ years relevant work experience
• Proven experience implementing secure coding practices and development frameworks at enterprise scale, with deep knowledge of common web application vulnerabilities (OWASP Top 10) and remediation techniques.
• Hands-on experience with SAST and DAST, as well as integrating automated security testing into CI/CD pipelines (GitHub Actions preferred).
• Proficient in two or more programming languages (Python, Java, JavaScript, C#) and scripting languages such as Bash or PowerShell.
• Ability to work effectively with engineering, cybersecurity, and product teams, leading through influence to drive security adoption and best practices.

Certifications that are a bonus:

• GWEB - GIAC Web Application Defender
• CSSLP - Certified Secure Software Lifecycle Professional.
• GMLE - GIAC Machine Learning Engineer

Appropriate level will be determined based upon experience and knowledge.

Transformative innovation is happening in the electric industry, from digitalizing homes and distributed resources to renewable energy and an ever-changing grid. MISO manages the electricity superhighway in the Central U.S. and through use of groundbreaking research and advanced technology, our highly skilled employees ensure power flows reliably to 45 million Americans. Operating the electricity grid, running a robust energy market, planning for a bright future - it's what our immensely hardworking and dedicated team does every day.

The base salary compensation range being offered for this role is $140,000 - $165,000 USD annually. Base salary range for this position is included in accordance with requirements of various state/local pay transparency legislation. Please note that salaries may vary for different individuals in the same role based on several factors, including but not limited to location of the role, individual competencies, education/professional certifications, and qualifications/experience.

Position is also eligible for an annual bonus if individual performance and company objectives are met. At MISO we offer a comprehensive benefits package, including 401k, vacation, sick and safe time, available on your first day of employment.

#DiscoverMISO #MISOCareers #lifeatMISO #weareMISO

MISO, What We Do

#LI-ONSITE
#LI-JH1