×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X

Senior Product Security Engineer

Job in Brampton, Ontario, Canada
Listing for: Function Health
Full Time position
Listed on 2026-06-01
Job specializations:
  • Software Development
Job Description & How to Apply Below

Company Overview

Function Health is the AI operating system for health, designed to empower people to live 100 healthy years. We are redefining how individuals understand, measure, and improve their health by moving beyond reactive care and enabling proactive, data-driven insight into human biology. Function has been recognized as one of Fast Company’s Most Innovative Companies of 2024, and is venture-backed by Andreessen Horowitz (a16z).

Hundreds of thousands of members have joined Function to take control of their health.

Through advanced diagnostics, deep biomarker testing, longitudinal data, and AI-enabled insights, Function equips members with actionable intelligence to take control of both the quality and length of their lives.

Function recently announced a $298M Series B and is entering its next chapter of growth. As we scale, the quality and durability of our People systems, data, and insights will directly shape our ability to attract, retain, and support exceptional talent.

We are growing our team and seeking out world‑class talent that deeply believes in our mission to positively impact global health, has a relentless bias toward action, and a growth mindset. Function fosters a collaborative and dynamic environment where every day we build the future.

Senior Product Security Engineer

Function Health is building out a dedicated product security team to protect our members and platform as we scale. As a Senior Product Security Engineer, you’ll work shoulder‑to‑shoulder with engineering and product teams to embed security into every stage of development: design, code, test, and deploy. This role is hands‑on and impact‑driven. You’ll be expected to identify risks, build guardrails, and ship tools that raise the security bar without slowing teams down.

Our engineering org is moving toward AI‑first code review, autonomous adversarial testing, and security gates that run without human approval for low‑risk changes. You’ll be building the systems that make that possible and safe. If you’ve been waiting for a security role where the answer to “can we automate this?” is usually yes, this is it.

We’re looking for someone who thrives on solving hard technical problems, knows how to build security into systems the right way, and is excited about what AI‑assisted engineering means for the future of the discipline.

Key Responsibilities
  • Design and deploy AI‑powered security agents into CI/CD: automated code review, risk classification, escalation logic, and where possible, auto‑remediation.
  • Build and operate the security tooling layer across our pipelines: SAST, SCA, secrets scanning, IaC validation, and supply chain integrity checks.
  • Conduct threat modeling, secure design reviews, and manual security assessments across our apps, APIs, and infrastructure.
  • Find vulnerabilities through proactive testing, not just scanner output, and drive them to remediation.
  • Partner with engineering teams across our product pillars as the embedded security voice in the room, without being a blocker.
  • Own the rollout of secure‑by‑default development frameworks and controls.
  • Connect application‑level telemetry to detection and response systems.
  • Contribute to incident response and postmortems when product security is involved.
  • Shape our long‑term product security strategy and roadmap.
Qualifications / Skills
  • 5+ years of experience in product or application security, software engineering, or a combination of both.
  • Have built or operated AI‑assisted security tooling, whether that’s an agent doing code review, an automated triage pipeline, or custom security automation you designed from scratch.
  • Strong Python experience. Familiarity with FastAPI, Lang Chain, or agentic frameworks is a plus.
  • Deep fluency in identifying and exploiting web, API, and application vulnerabilities, well beyond OWASP Top 10.
  • Experience embedding security into CI/CD, not just recommending it.
  • Can guide engineers through secure design decisions without slowing them down.
  • Write documentation and design docs without being asked.
  • Bonus: experience with HIPAA or healthcare data, red teaming, or security architecture at scale.
Core Values
  • Ruthless Prioritization:
    • We don’t let…
Position Requirements
10+ Years work experience
Note that applications are not being accepted from your jurisdiction for this job currently via this jobsite. Candidate preferences are the decision of the Employer or Recruiting Agent, and are controlled by them alone.
To Search, View & Apply for jobs on this site that accept applications from your location or country, tap here to make a Search:
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)
0
200
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search