Product Security Engineer

Our client is at the forefront of innovation in the Internet of Things (IoT) industry, developing cutting-edge solutions that connect devices, secure data, and drive the future of connected technology. They need to ensure that security is embedded at every layer of their product and infrastructure to protect customers and their data.

To do this, they are seeking a highly skilled Product Security Engineer to join their growing security team. In this role, you will lead security initiatives across cloud infrastructure, product security, and DevSecOps, ensuring that our IoT solutions are secure by design. You will collaborate with software developers, DevOps engineers, and product teams to integrate security best practices throughout the software development lifecycle (SDLC).

Responsibilities

• Design, implement, and manage security solutions for IoT devices, cloud platforms, and applications.

• Lead security assessments, threat modeling, and penetration testing to identify and mitigate risks.

• Develop and implement DevSecOps practices to embed security into CI/CD pipelines.

• Conduct code reviews, security audits, and vulnerability assessments for software applications.

• Work closely with software engineers to develop secure coding guidelines and best practices.

• Monitor and respond to security incidents, implementing remediation measures as needed.

• Collaborate with compliance teams to ensure adherence to security regulations and standards (e.g., ISO 27001, NIST, GDPR).

• Research emerging threats, vulnerabilities, and security trends in IoT and cloud environments.

• Mentor junior engineers and provide guidance on security best practices.

Requirements

• Bachelor's or Master's degree in Computer Science, Cybersecurity, or a related field.

• 5+ years of experience in cybersecurity, with a focus on cloud security, product security, and DevSecOps.

• Strong understanding of security principles for IoT ecosystems, embedded systems, and cloud-native applications.

• Experience with cloud security architecture and services (AWS, Azure, or GCP).

• Proficiency in secure software development and best practices in programming languages such as Python, C/C++, or Java.

• Hands-on experience with security tools such as SAST, DAST, SIEM, IDS/IPS, and container security solutions.

• Deep knowledge of cryptography, authentication mechanisms, and access control models.

• Familiarity with security frameworks and standards like OWASP, CIS Benchmarks, and Zero Trust Architecture.

• Experience implementing security automation in DevOps environments using tools like Terraform, Kubernetes, and CI/CD pipelines.

• Excellent problem-solving skills and the ability to work independently in a fast-paced environment.

Nice to Have

• Relevant security certifications such as CISSP, OSCP, CEH, or AWS Security Specialty.

• Experience in hardware security, firmware analysis, or reverse engineering.

• Knowledge of blockchain or secure edge computing in IoT environments.

What We Offer

• Competitive salary and benefits package.

• Opportunity to work on innovative IoT security challenges.

• Flexible work arrangements (remote/hybrid options).

• A collaborative and supportive team environment.

• Professional development and training opportunities.