Security Engineer
Validately
We’re UserTesting—the leader in human insight. Our mission is to help organizations craft exceptional customer experiences through fast, actionable feedback.
We empower teams to build the best products and experiences by embedding real human perspectives into every stage of the development process—from ideation to launch. With the world’s strongest participant network, AI-powered analysis, expert services, and seamless integrations, we help companies eliminate guesswork, align stakeholders, and bring customer needs into sharp focus.
Trusted by more than 3,000 organizations worldwide—including 75 of the Fortune 100—UserTesting delivers measurable business outcomes, reduces risk, and helps teams deliver with confidence. Joining our team means being part of a passionate group focused on transforming how companies understand and connect with their customers.
Let’s build experiences people love—together.
The Team
Our Security Team proactively safeguards our organization's information and assets, ensuring a robust security posture against threats and vulnerabilities
Job Summary
As a UserTesting Security Engineer, you will work alongside the Engineering Team to define the safeguards that need to be incorporated into new and existing Platform features. We are responsible for the definition and maintenance of a Secure Software Development Lifecycle (S-SDLC), as well as for vulnerability management.
Duties/Responsibilities:
Support the R&D Team in any new feature development by defining its security requirements
Take care of the security aspects of our infrastructure in terms of its design and daily operations
Collaborate and work with the R&D Team to embed Security Testing in our SDLC
Conduct security reviews and threat modelling for new and existing systems to identify potential risks early
Partner with DevOps and Platform teams to automate security controls, monitoring, and compliance checks
Lead and coordinate vulnerability management activities, including assessment, prioritization, remediation tracking, and reporting
Drive security enablement by mentoring engineers, providing training, and promoting secure coding and design practices across teams
Required Skills/Abilities:
Technical knowledge in application security, cryptography, authentication and authorization in cloud environments.
Experience ensuring applications are secure throughout the software development lifecycle
Amazon Web Services previous experience and/or related certifications (i.e. AWS Solutions Architect, AWS Security Specialty, OSCP, CISSP, CISA…)
Interest in the Security as Code approach (i.e. security infrastructure implementation through Terraform, CloudFormation...)
Previous experience on penetration testing
Advanced English speaker.
Our Benefits
Private health & dental coverage
Generous paid leave (vacation, sick days, parental leave)
Learning & development budget (courses, conferences, training)
Remote-first culture with flexible working arrangements
Home office stipend / equipment support
UserTesting is an Equal Opportunity Employer and a participant in the U.S. Federal E-Verify program. Women, minorities, individuals with disabilities and protected veterans are encouraged to apply. We welcome people of different backgrounds, experiences, abilities and perspectives. UserTesting will consider qualified applicants with criminal histories in a manner consistent with the San Francisco Fair Chance Ordinance, as applicable.