🌎 United States - fully remote
130000 180000 YEAR USD
💰 USD 130K - 180K / year

MaxMind ( is looking for a talented, experienced, and highly motivated Product Security Engineer. We help protect thousands of companies worldwide from fraud, screening over a billion online transactions each year, and we provide IP intelligence data to thousands more. We want your expertise in supporting MaxMind’s product and development teams in the area of application security. This is a great opportunity for an experienced security engineer to execute their vision of what an effective and robust DevSecOps program should be.

We are hiring anywhere in Canada and in the following US states: CA, CO, FL, LA, MN, NV, NY State (excluding New York City and Yonkers), NC, OR, PA, TX, WA. 

MaxMind does not currently sponsor US employment visas. For Canadian candidates, you must be eligible/authorized to work in Canada.

The Position

MaxMind employs a federated security operating model in order to move quickly and integrate security expertise in the engineering and development teams. Working with the Information Security Manager and Software Architects, you will have ownership of MaxMind’s secure software development practices.

Our salary range for Security Engineer roles begins at $130,000 USD or $160,000 CAD (in Canada), with the specific offer depending upon skills and experience. See more about benefits and compensation below. 

This is a full time remote position.

On any given day you may end up doing any of the following:

  • Conduct design reviews with engineers to make sure the right security features are making it into the products - taking into consideration the domestic, international, and industry security and privacy regulations and frameworks.
  • Participate in and support application security reviews and threat modeling, including: Secure code review. Support the code review process by providing 1-1 guidance, group training, creating documentation as needed, and performing ad hoc secure code review as needed. Dynamic testing, using tools like Burp Suite or mitmproxy for examining app interactions.
  • Design and drive application security vulnerability management across different technologies. You will coordinate with engineering teams to validate findings, prioritize findings/assets, remediate and verify mitigations, and internal reporting for management.
  • Assist with vendor reviews by evaluating new and existing vendors. As well as evaluating tools, libraries, services, and other software for security and privacy issues.
  • Coordinate the creation and maintenance of technical security documentation.
  • Identify areas for internally created and externally provided application security training.
  • Assist in development of automated tooling and processes to support our internal operations. For example, creating audit scripts to help with compliance efforts.  
  • Assist with risk assessments and security questionnaires.
  • Practice security assurance by identifying and directing areas to enhance monitoring in order to verify that policy and procedures are adhered to and that controls are operational.
  • Lead Information Security policy creation and maintenance of application and developer focused policies by refactoring security policies and standards to focus on the right controls, using ISO 27001, SOC, OWASP, and NIST frameworks.
  • As a member of the incident response team, assist with the overall lifecycle of an incident, from triaging to lessons learned.

About You - Minimum Qualifications

  • Experience commensurate with 5 years of work in an application, product, or security engineering related role.
  • Experience with coding and reading multiple programming languages in the context of web services and secure coding practices.
  • Knowledge of penetration testing techniques and ability to implement them appropriately.
  • Ability to configure, operate, and tune vulnerability scanning tools.
  • Ability to lead threat modeling.
  • Strong knowledge of secure development practices for web applications and services, and capability to train others in them.

Highly desired, but not required

  • Front-end and/or back-end development experience.
  • Experience working with static and/or dynamic programming languages.
  • Go and/or Perl experience. The primary programming languages at the company are Go, Perl and JavaScript/TypeScript, but we are happy to hear from people with experience in other languages.
  • Ability to develop expertise in Go, Perl and JavaScript/TypeScript,.
  • SQL databases, ideally PostgreSQL.
  • Application security experience in a cloud environment

Why work at MaxMind?

In a recent survey, employees listed having a supportive work culture, good co-workers, autonomy, and feeling trusted, valued, and respected as some of the things they like most about working here.

MaxMind has a social mission. MaxMind donates over 60% of profits to charities. 

MaxMind’s compensation strives to reward getting stuff done, quality of work, and working well with others.

Working at MaxMind

Our culture is very important to us. We’re friendly, collaborative, and work-focused. We don’t like office politics and unnecessary stress. We like to have productive workdays and don’t like work to chase us when we’re done for the day. We maintain a set of core, overlapping hours, but are flexible with specific start and end times and are understanding about appointments and life events. We care about helping each other succeed.

Normally, we hold a company summit one time per year in Waltham, MA.


In addition to competitive compensation, our US benefits include medical, dental, vision, life, and short and long term disability insurance, a Safe Harbor 401(k) with employer contribution, Health Savings Account, Limited Purpose Flexible Spending Account, Dependent Care Account, paid parental leave, and public transit reimbursement. 

Our Canadian benefits include medical, dental, vision, life, accidental death and dismemberment, critical Illness, short and long term disability insurance, Employee and Family Assistance Program, and paid parental leave. You also have access to a group Registered Retirement Savings Plan. In lieu of a Canadian RRSP contribution we provide a bonus payout at the end of each year that employees may decide to use toward retirement savings.

Everyone participates in a company performance-based bonus plan. MaxMind offers a $2,000 professional development budget and five days for professional development annually. 

Diversity and Inclusion

We're committed to diversity and inclusion and are mindful of incorporating them into all aspects of our company. 

We encourage and sincerely welcome applications from candidates of color, women, queer candidates, candidates with family caregiving responsibilities, transgender candidates, and from other communities not well represented in the tech world.

See our complete diversity and inclusion statement - 

Resumes without cover letters will not be considered. We want to know about you. Please tell us why you’re interested in MaxMind and in this position in particular. Please share any projects or accomplishments and include a link so we can learn more. One of the first steps in our interviewing process is a homework assignment, and we will ask you for a submission so we can gain insight into your work.

Does this job really require Go skills? If not, please report it and we will take a look.