via Workday
$90K - 130K a year
Lead threat modeling and security design reviews to embed security into the software development lifecycle and remediate security gaps.
5+ years in product or application security with experience in threat modeling, risk assessment, and collaboration with product and engineering teams.
US Based Salary Range: $100,000 - $130,000 DOE

About Us

Bonterra exists to propel every doer of good to their peak impact. We measure that impact against our vision to increase the giving rate as a percentage of GDP from 2% to 3% by 2033. We know that this goal is lofty, but we are confident that the right technology and expertise will strengthen trust in the sector, allowing the social good industry to accelerate growth and reach peak impact. Bonterra's differentiated, end-to-end solutions collectively support a unique network of over 20,000 customers, including over 16,000 nonprofit organizations and over 50 percent of Fortune 100 companies. Learn more at bonterratech.com.

About the Role

As a Senior Product Security Engineer at Bonterra, you will partner closely with product management, engineering, operations, and security teams to help embed security into the software development lifecycle. In this role, you’ll work alongside product and engineering teams to understand upcoming features, architectural changes, and delivery timelines, and help apply security best practices in a practical, risk-based way.

You will collaborate with Application Security Engineers, DevOps, and other security partners to support consistent and effective product security practices across Bonterra’s platforms. This includes contributing technical expertise to help identify security risks early, provide actionable guidance to engineering teams, and support security initiatives that enable teams to ship features securely and efficiently.

In addition to cross-functional collaboration, you will contribute hands-on by helping identify and remediate security gaps within existing DevSecOps pipelines. You’ll work with DevOps and Application Security teams to assist with implementing and maintaining security tooling and CI/CD controls, such as SAST and DAST checks, while continuously learning and growing your impact within Bonterra’s product security program.
What You’ll Do

Lead threat modeling and security design reviews for assigned products and services.
Partner with product managers and engineering leads to help define practical security requirements and guardrails while reducing friction points.
Participate in the growth and evolution of the Security Champion program, helping enable and support secure development practices across the engineering teams.
Assess product architectures, data flows, and integrations to identify security risks and provide actionable recommendations for remediation.
Collaborate with teams to make informed, risk-based security decisions that consider real-world usage, customer impact, and business priorities.
Provide clear, actionable guidance to engineering teams on secure design patterns and implementation patterns.
Review and triage security findings from internal testing, bug bounty programs, and third-party assessments.
Support vulnerability disclosure and coordinated response in collaboration with security and engineering partners.
Contribute to the development and adoption of secure-by-design patterns and reusable security components.
Contribute ideas, feedback, and implementation support toward product security metrics, practices, and roadmap initiatives under the guidance of senior security leadership.
Support DevOps and Application Security engineers by identifying gaps and assisting with improvements in existing DevSecOps workflows and CI/CD pipelines.
Help implement and maintain security tooling and automation for static analysis (SAST), dynamic analysis (DAST), and other automated security checks within the CI/CD workflows.
Participate in audits and assessments by providing technical input and evidence in coordination with Risk & Compliance teams.
Assist customer-facing teams with security reviews and questionnaires by providing technical context and documentation when requested.
Stay current on emerging threats, attack techniques, and industry best practices.
Requirements

5+ years of experience in product security, application security, or secure software engineering.
Strong understanding of product architecture, APIs, and distributed systems.
Experience performing threat modeling and security design reviews.
Ability to assess security risk in the context of product functionality, customer experience, and business impact.
Experience collaborating cross-functionally with product managers and engineering teams.
Ability to influence and guide partners through collaboration rather than authority.
Working knowledge of modern application development practices, CI/CD processes, and how security integrates into them.
Familiarity with security tools including SAST, DAST, SCA, and related DevSecOps controls.
Strong understanding of common web application vulnerabilities (e.g., OWASP Top 10) and secure design principles.
Experience helping implement security controls and automations within CI/CD pipelines.
Strong communication skills with the ability to translate technical risks into clear, actionable guidance.
Experience supporting interactions with external stakeholders such as customers, auditors, or partners on security-related topics.
Familiarity with common compliance frameworks such as SOC 2, NIST, ISO 27001, PCI-DSS, and HIPAA.

What Sets You Apart

Background in software engineering, DevOps, or system architecture.
Experience working with SaaS platforms in a product-focused environment.
Familiarity with secure cloud architecture and configuration, particularly in AWS environments.

At Bonterra, we’re building AI-powered tools to solve real human challenges—and we want teammates who share that enthusiasm. We value people who will champion AI and bring diverse perspectives from different industries, backgrounds, and cultures. Together, we create AI that breaks down barriers, empowers communities, and delivers better outcomes.
At this time, we are unable to consider candidates who require current or future sponsorship for employment authorization.

____________________________________________________________________________________

Our Culture

At Bonterra, we’re innovating with a higher purpose: to increase giving to 3% of US GDP by 2033, creating $573 billion more in global impact every year. At Bonterra, we foster an inclusive, equitable culture where every team member belongs and contributes to meaningful impact. Read more about our values and culture here.

Compensation & Benefits

We offer a comprehensive benefits package that supports your health, well-being and growth - explore full details here. Compensation and benefits for this role apply to full-time employees in the United States and may vary based on local standards, laws and norms. Pay is determined by location, skills, experience, and education, and is one part of Bonterra’s total rewards package, which may also include bonuses, incentives, equity, and a comprehensive benefits program.

____________________________________________________________________________________

Equal Opportunity & Accommodations

At Bonterra, we are proud to be an Equal Opportunity Employer. We celebrate diversity and are committed to creating an inclusive environment for all employees. We provide equal employment opportunities without regard to race, color, religion, sex (including pregnancy, sexual orientation, or gender identity), national origin, age, disability, veteran status, or any other characteristic protected by law. If you require a reasonable accommodation during the application process, please submit a request.
For too long, the people behind the scenes of social good have used cumbersome paper and spreadsheets or outdated technology created for sales teams to report on outcomes for their organizations—methods and tools that reduce the amount of time they could spend doing good, fail to uncover valuable insights and details around outcomes of their good work, and even lead to disengagement and turnover. At Bonterra, we’re changing that. We work with nonprofit organizations, public agencies, corporations, philanthropic organizations, and foundations to help connect with donors and volunteers, distribute grants and funds, drive fundraising and grant acquisition, manage casework, and measure outcomes and impact. Today, Bonterra’s technology enables over 15,000 nonprofit organizations to do more good and powers more than 50% of the Fortune 100’s philanthropic giving efforts. We exclusively cater to the unique needs of social good organizations with intuitive technology, powerful analytics, and easy-to-use reporting. Quite simply: We power those who power social impact.
This job posting was last updated on 2/23/2026