The Product Security Engineer is responsible for ensuring the security of Wave's products throughout their lifecycle, focusing on protecting software, hardware, and firmware from vulnerabilities and cyber threats, aligning with business goals and compliance standards. This role also consults with security adjacent stakeholders and business units to provide suggestions, education, guidance and feedback from a security perspective.

Lead infrastructure and application security initiatives, managing secrets, dependency hygiene, and maintaining secure CI/CD practices. Own internal access controls and role management, enforcing least-privilege principles and improving how we grant, revoke, and manage permissions across environments. Monitor for suspicious activity; extend our audit tooling; grow coverage of logging and traceability.