Product Security Engineer
Share
Job Location:
Monthly Salary:
Posted on:
30+ days ago
Vacancies:
1 Vacancy
Job Summary
About the Role
We are seeking an experienced Product Security Engineer to join our team and help build security into every aspect of our product development this role youll work closely with engineering product and DevOps teams to identify assess and mitigate security risks while enabling rapid and secure product delivery.
Key Responsibilities
Threat Modeling & Risk Assessment
Design and conduct comprehensive threat modeling sessions for new features and system architectures
Identify potential attack vectors and security vulnerabilities early in the development process
Collaborate with product and engineering teams to prioritize security requirements based on risk assessment
Develop and maintain threat models for existing and new products
Security Testing & Validation
Perform security testing of web applications mobile applications and APIs
Conduct static and dynamic application security testing
Execute penetration testing and vulnerability assessments
Review code for security vulnerabilities and provide remediation guidance
Validate security controls and defensive measures
DevSecOps Integration
Implement and maintain Static Application Security Testing (SAST) tools in CI/CD pipelines
Deploy and optimize Dynamic Application Security Testing (DAST) solutions
Establish cloud security best practices and tooling for AWS environments
Build security gates and quality checks into development workflows
Collaborate with DevOps teams to secure infrastructure as code
Security Automation & Tooling
Develop automated security testing frameworks and scripts
Build tools and integrations to streamline security processes
Automate vulnerability scanning and reporting workflows
Create self-service security tools for development teams
Implement security orchestration and response automation
Security Analytics & Monitoring
Design and implement security metrics and KPIs for product security
Analyze security testing results and trends to identify systemic issues
Build dashboards and reporting for security posture visibility
Conduct security data analysis to inform strategic decisions
Monitor and respond to security alerts and incidents
Cross-functional Collaboration
Partner with engineering teams to provide security guidance and support
Educate developers on secure coding practices and security requirements
Work with product managers to balance security and business requirements
Collaborate with infrastructure and platform teams on security architecture
Required Qualifications
5 years of experience in product security application security or related cybersecurity roles
Strong background in threat modeling and secure design review.
Extensive experience with web application security testing and mobile application security for iOS and Android platforms
Hands-on experience with DevSecOps practices and security tool integration
Proficiency with SAST DAST Cloud Security tools
Experience with security automation and scripting (Python Bash)
Background in security analytics and data analysis for security insights
Preferred Qualifications
Experience with container security (Docker Kubernetes)
Knowledge of infrastructure as code security (Terraform CloudFormation)
Familiarity with security frameworks (NIST ISO 27001 SOC 2)
Experience with bug bounty programs and responsible disclosure
Experience with compliance requirements (PCI DSS GDPR)
Key Skills
- APQP
- Six Sigma
- GD&T
- Root cause Analysis
- CAD
- Project Leadership
- SolidWorks
- Mechanical Engineering
- Quality Management
- Product Development
- Catia
- Manufacturing
