CrawlJobs Logo

Product Security Engineer

https://www.hpe.com/ Logo

Hewlett Packard Enterprise

Location Icon

Location:
United States

Category Icon
Category:
IT - Software Development

Job Type Icon

Contract Type:
Employment contract

Salary Icon

Salary:

101900.00 - 234500.00 USD / Year
Save Job
Save Icon
Apply Position

Job Description:

This role involves working primarily from home as a Product Security Engineer focusing on Federal Certifications. Key responsibilities include ensuring compliance with certification standards, consulting with developers and QA, generating documentation, and aligning with government standards. This role requires experience in software development, certification schemes, and cryptographic modules.

Job Responsibility:

  • Assist in the execution of Common Criteria, FIPS, and DoDIN-APL certifications across all HPE Aruba Networking product lines
  • Operate as a representative of HPE Aruba Networking with various accredited labs during the evaluation process
  • Assist in the generation of documentation (e.g. FIPS security policies, CC security targets), whether creating/editing directly or working with an external author
  • Provide consulting, information, and advice to developers and QA around how certification works
  • Attend regularly scheduled meetings with accredited labs and engineering/QA to ensure project milestones are on track
  • Communicate gaps and deficiencies found by accredited testing labs to the relevant engineering and product teams to ensure remediation
  • Monitor government standards and communicate to management and engineering when changes are made that may impact a release
  • Assist in the development, compliance, and maintenance of FIPS compliant cryptographic module(s).

Requirements:

  • BS in Electrical Engineering, Computer Science, or related technical field
  • Background in software engineering including C/C++, Python and/or Golang
  • Ability to read and understand source code in C is a must
  • Minimum 2 years of experience working with cryptographic modules in a technical capacity
  • Minimum 3 years of experience in software development of cryptographic modules
  • Minimum 3 years of experience with certification schemes, including Common Criteria, FIPS, DoDIN
  • Minimum 4 years of experience in a position handling government certifications or security testing.

Nice to have:

  • Relevant industry certifications such as CISSP, CSSLP, ISSEP
  • Ability to work largely unsupervised
  • Strong project management skills
  • Knowledge of emerging standards outside of the US, such as EUCC, EUCRA, and ITSAR.
What we offer:
  • Health & Wellbeing
  • Comprehensive suite of benefits supporting physical, financial, and emotional wellbeing
  • Personal & Professional Development
  • Programs catered to career growth
  • Unconditional inclusion and flexibility to manage work and personal needs.

Additional Information:

Job Posted:
June 13, 2025

Employment Type:
Fulltime
Work Type:
Remote work
Icon
View All Jobs In This Company
Job Link Share:
Copy Link Icon
Facebook Icon Twitter Icon LinkedIn Icon

Looking for more opportunities? Search for other job offers that match your skills and interests.

Briefcase Icon

Similar Jobs for Product Security Engineer

New

Security Engineer - Product & Production Infrastructure

Wiz is looking for a Security Engineer for Product & Production Infrastructure w...
Location
Location
United Kingdom
Salary
Salary:
Not provided
wiz.io Logo
Wiz
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years of experience in security engineering or security operations work in cloud environments
  • AWS platforms and services (we will also consider equivalent experience in Azure and GCP)
  • Kubernetes (AWS EKS) and container infrastructure
  • IAM and managing cloud identities at-scale
  • Secure development and application of IAC solutions (Terraform, Helm)
  • Cloud-native observability and management tools
  • Development experience in Go, Python and Rust
Job Responsibility
Job Responsibility
  • Lead threat modeling and security review exercises across Wiz’s production and CI/CD environments – identifying and mitigating risks in our products and the cloud services that support them
  • Drive vulnerability management and remediation efforts – prioritizing issues, implementing mitigations, and designing strategic preventative controls
  • Extend our detection and response capabilities – building scalable solutions to identify malicious activity, triage alerts, and investigate and remediate incidents
  • Build deep functional partnerships with Wiz’s engineering and operations teams – helping them deliver secure-by-design solutions
Read More
Arrow Right
New

Security Engineer - Product & Production Infrastructure

Wiz is looking for a Security Engineer for Product & Production Infrastructure w...
Location
Location
United States
Salary
Salary:
204000.00 - 281000.00 USD / Year
wiz.io Logo
Wiz
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 7+ years of experience in security engineering or security operations work in cloud environments
  • Strong AWS cloud security experience (we will also consider equivalent experience in Azure and GCP)
  • Cloud native Kubernetes services (EKS/GKE/AKS) and strong container security principles
  • Deep understanding of securing IAM and cloud identities at scale
  • Proven ability to lead technical security reviews of products and architectures, conduct threat modeling exercises, and translate findings into actionable security controls
  • Practical understanding of web application security concepts (such as OWASP Top-10 and similar)
  • Hands-on experience with IAC and related tools (Terraform, CloudFormation, Helm, Pulumi)
  • Experience with automation and tooling development in one or more: Python, Go, Shell, HCL, Rego
Job Responsibility
Job Responsibility
  • Lead threat modeling and security reviews across Wiz's products and cloud infrastructure, identifying attack surfaces and developing scalable mitigation strategies
  • Build automation, policy-as-code, and security tooling that enables development teams to "shift left" and integrate end-to-end security into their workflows
  • Design and implement secure baselines for cloud resources and Kubernetes based infrastructure
  • Drive vulnerability management and remediation efforts – prioritizing issues, implementing mitigations, and designing strategic preventative controls in software supply chains from development through production
  • Extend our detection and response capabilities – building scalable solutions to identify malicious activity, triage alerts, and investigate and remediate incidents
  • Collaborate with our Wiz Federal team – extending our DevSecOps and Product Security practices to Wiz's FedRAMP environment and ensure it meets key security requirements
  • Build deep functional partnerships with Wiz's engineering and operations teams – helping them deliver secure-by-design solutions
What we offer
What we offer
  • Medical, dental and vision insurance
  • Home Office Setup reimbursement
  • Flexible Spending Accounts
  • Monthly Connectivity reimbursement
  • Employee Assistance Program (EAP)
  • Short- and Long-term Disability Insurance
  • Life & Accident Insurance
  • 401(k) Retirement Savings Plan (with employer match)
  • Flexible paid time off + 11 paid holidays
  • Paid leave programs, including parental, pregnancy health, medical and bereavement leave
  • Fulltime
Read More
Arrow Right
New

Security Engineer - Product & Production Infrastructure

Wiz is looking for a Security Engineer for Product & Production Infrastructure w...
Location
Location
Germany
Salary
Salary:
Not provided
wiz.io Logo
Wiz
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years of experience in security engineering or security operations work in cloud environments
  • AWS platforms and services (we will also consider equivalent experience in Azure and GCP)
  • Kubernetes (AWS EKS) and container infrastructure
  • IAM and managing cloud identities at-scale
  • Secure development and application of IAC solutions (Terraform, Helm)
  • Cloud-native observability and management tools
  • Development experience in Go, Python and Rust
Job Responsibility
Job Responsibility
  • Lead threat modeling and security review exercises across Wiz’s production and CI/CD environments – identifying and mitigating risks in our products and the cloud services that support them
  • Drive vulnerability management and remediation efforts – prioritizing issues, implementing mitigations, and designing strategic preventative controls
  • Extend our detection and response capabilities – building scalable solutions to identify malicious activity, triage alerts, and investigate and remediate incidents
  • Build deep functional partnerships with Wiz’s engineering and operations teams – helping them deliver secure-by-design solutions
Read More
Arrow Right
New

Senior Product Security Engineer

Join our Product Security team, where you'll partner with development and game t...
Location
Location
United States , Las Vegas
Salary
Salary:
Not provided
take2games.com Logo
Take-Two Interactive Software, Inc.
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's degree in Computer Science, Information Technology, or a similar field, or equivalent experience
  • At least 5 years of demonstrated experience in application security, ideally within the gaming or technology sectors
  • Validated expertise in pentesting, security architecture, risk management, and securing CI/CD pipelines
  • Extensive knowledge of common and complex security vulnerabilities, along with effective mitigation techniques
  • Ability to translate design documents into security-focused guidelines and requirements for product development
  • Adapt quickly to new technologies, languages, and solve challenges outside your expertise
Job Responsibility
Job Responsibility
  • Develop threat models for a variety of applications and games to prioritize scope and use cases for security testing
  • Execute hands-on penetration tests and red team exercises to identify vulnerabilities in applications, infrastructure, and services
  • Conduct manual and automated secure code reviews in languages such as C#, Java, Python, and JavaScript, providing clear, actionable guidance to developers on vulnerability remediation
  • Triage, validate, and manage vulnerability reports from our bug bounty program, working with external researchers and internal teams on resolution
  • Develop and implement security automation tools to improve the efficiency and effectiveness of security processes
  • Provide security architecture and design guidance to development teams, ensuring secure coding practices are followed
  • Partner with teams to define and execute security strategy, driving security priorities across the organization
  • Stay ahead of emerging security threats, seeking and advocating for new technologies to address complex risks
What we offer
What we offer
  • Medical (HSA & FSA)
  • dental
  • vision
  • 401(k) with company match
  • employee stock purchase plan
  • commuter benefits
  • in-house wellness program
  • broad learning & development opportunities
  • a charitable giving platform with company match
  • Fitness allowance
  • Fulltime
Read More
Arrow Right
New

Senior Product Security Engineer

Ready to make an impact on the security of products from the ground up? Join our...
Location
Location
United States , Austin
Salary
Salary:
Not provided
take2games.com Logo
Take-Two Interactive Software, Inc.
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's degree in Computer Science, Information Technology, or a similar field, or equivalent experience
  • At least 5 years of demonstrated experience in application security, ideally within the gaming or technology sectors
  • Validated expertise in pentesting, security architecture, risk management, and securing CI/CD pipelines to ensure seamless and secure software delivery
  • Extensive knowledge of common and complex security vulnerabilities, along with effective mitigation techniques
  • Ability to translate design documents into security-focused guidelines and requirements for product development
  • Adapt quickly to new technologies, languages, and solve challenges outside your expertise
  • Travel: No routine travel required
  • occasional travel as needed.
Job Responsibility
Job Responsibility
  • Develop threat models for a variety of applications and games to prioritize scope and use cases for security testing
  • Execute hands-on penetration tests and red team exercises to identify vulnerabilities in applications, infrastructure, and services
  • Conduct manual and automated secure code reviews in languages such as C#, Java, Python, and JavaScript, providing clear, actionable guidance to developers on vulnerability remediation
  • Triage, validate, and manage vulnerability reports from our bug bounty program, working with external researchers and internal teams on resolution
  • Develop and implement security automation tools to improve the efficiency and effectiveness of security processes
  • Provide security architecture and design guidance to development teams, ensuring secure coding practices are followed
  • Partner with teams to define and execute security strategy, driving security priorities across the organization
  • Stay ahead of emerging security threats, seeking and advocating for new technologies to address complex risks.
What we offer
What we offer
  • Medical (HSA & FSA), dental, vision, 401(k) with company match, employee stock purchase plan, commuter benefits, in-house wellness program, broad learning & development opportunities, a charitable giving platform with company match
  • Fitness allowance, employee discount programs, discounted games & events and stocked pantries.
  • Fulltime
Read More
Arrow Right

Staff Product Security Engineer

As a Staff Product Security Engineer, you will play a crucial role in safeguardi...
Location
Location
France , Paris
Salary
Salary:
Not provided
dashlane.com Logo
Dashlane
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Strong understanding of application security best practices, including experience with threat modeling and risk assessments
  • Demonstrated experience building or improving an SDLC program
  • Familiarity with CI/CD pipelines and their security implications
  • Familiarity with cloud infrastructure (e.g., AWS, Azure, Kubernetes), and Infrastructure-as-Code (e.g., Terraform)
  • Interest in enabling secure use of AI tools to drive efficiency, creativity, and impact internally
  • Communication & Collaboration: You engage and listen empathetically to others, adjusting your communication style to fit the audience and message. You are experienced in communicating with technical and non-technical audiences
  • Mentoring: You enjoy using your knowledge and experience to support and uplevel those around you
  • Motivated Learner: You learn new technologies and processes quickly, and understand where to look for knowledge when you need it
  • Adaptability: You are a jack or jane of all trades - you’re comfortable digging into non-technical parts of the business to provide security support and guidance
Job Responsibility
Job Responsibility
  • Drive the continuous improvement of Dashlane’s security program across the product and company
  • Conduct architecture design reviews, threat modeling, and technical security assessments of Dashlane’s product (application and infrastructure) to identify security risks and provide mitigation guidance
  • Ensure security best practices are integrated throughout the software development lifecycle (SDLC)
  • Build upon and scale Vulnerability Management to ensure the team can track, analyze, and manage vulnerabilities and their remediation
  • Perform risk assessments of Dashlane’s internal systems, environments, assets, and data, and implement security best practices accordingly
  • Evaluate and implement security tooling and/or build customized tooling in-house where necessary
  • Participate in Compliance and Incident Response
  • Innovate and propose new forward-looking security features that protect Dashlane and our users
What we offer
What we offer
  • Equal Parental leave - regardless of gender, up to 20 weeks fully paid leave to take care of their new baby, within the first year of birth or adoption
  • Health insurance covered by Dashlane
  • Mentorship program - select your mentor from our internal pool and continue your learning path!
  • Commute allowance
  • Meal Vouchers (Swile)
  • Mental health services through Spring Health for you and family members
  • 4 extra days off (one per quarter) to acknowledge the importance of your wellbeing
  • Spot in daycare
  • Time off saving account
  • Donation matching program - give back to the community and support actions that lead to positive social impact under the historically marginalized communities. Every donation will be matched by Dashlane
  • Fulltime
Read More
Arrow Right

Product Security Engineer

About the team: The Security Team is responsible for providing key security capa...
Location
Location
Canada
Salary
Salary:
Not provided
clickhouse.com Logo
ClickHouse
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Experience supporting engineering and product implementation efforts by performing threat assessments, assurance activities, advisory as well as, in some cases, implementation work across distributed systems covering web, API, client/server assets
  • Strong knowledge of and experience with one or more cloud service providers (e.g. AWS, GCP, Azure), Kubernetes, Cilium
  • Experience implementing and operating engineering security tools and processes (e.g. static / dynamic code analysis, software composition analysis, SBOM, OWASP SAMM, client and network fuzzing tools)
  • Significant development and automation experience, ability to work with C++ code
  • Security as code mindset, with focus on solving problems with automation and scale in mind
Job Responsibility
Job Responsibility
  • Collaborate with engineering and product on improving existing and building new product features with focus on threat modeling, assurance and secure implementation
  • Identify security gaps and vulnerabilities in ClickHouse Cloud and OSS, triage a wide range of vulnerabilities reported via our bug bounty program, responsible disclosure, GitHub Issues covering web, API and server - client assets including low level memory issues like heap or buffer overflows
  • Improve and develop security assurance activities - pentests, vulnerability assessments, bug bounty programs, fuzzing
  • Drive implementation and usage of engineering security tools - static, dynamic code analysis, dependency checks, code licensing compliance (working knowledge of Snyk, Semgrep, GitHub CodeQL)
  • Nurture the engineering - security relationship, identify and implement process and technology improvements
  • Handle information security events and incidents across ClickHouse products and services
  • Develop processes, tooling and automation to scale security processes and mitigate risks to the business
What we offer
What we offer
  • Flexible work environment
  • Healthcare - Employer contributions towards your healthcare
  • Equity in the company - Every new team member who joins our company receives stock options
  • Time off - Flexible time off in the US, generous entitlement in other countries
  • A $500 Home office setup if you’re a remote employee
  • Global Gatherings – We believe in the power of in-person connection and offer opportunities to engage with colleagues at company-wide offsites
Read More
Arrow Right

Product Security Engineer

The Security Team is responsible for providing key security capabilities coverin...
Location
Location
Netherlands
Salary
Salary:
Not provided
clickhouse.com Logo
ClickHouse
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Experience supporting engineering and product implementation efforts by performing threat assessments, assurance activities, advisory as well as, in some cases, implementation work across distributed systems covering web, API, client/server assets
  • Strong knowledge of and experience with one or more cloud service providers (e.g. AWS, GCP, Azure), Kubernetes, Cilium
  • Experience implementing and operating engineering security tools and processes (e.g. static / dynamic code analysis, software composition analysis, SBOM, OWASP SAMM, client and network fuzzing tools)
  • Significant development and automation experience, ability to work with C++ code
  • Security as code mindset, with focus on solving problems with automation and scale in mind
Job Responsibility
Job Responsibility
  • Collaborate with engineering and product on improving existing and building new product features with focus on threat modeling, assurance and secure implementation
  • Identify security gaps and vulnerabilities in ClickHouse Cloud and OSS, triage a wide range of vulnerabilities reported via our bug bounty program, responsible disclosure, GitHub Issues covering web, API and server - client assets including low level memory issues like heap or buffer overflows
  • Improve and develop security assurance activities - pentests, vulnerability assessments, bug bounty programs, fuzzing
  • Drive implementation and usage of engineering security tools - static, dynamic code analysis, dependency checks, code licensing compliance (working knowledge of Snyk, Semgrep, GitHub CodeQL)
  • Nurture the engineering - security relationship, identify and implement process and technology improvements
  • Handle information security events and incidents across ClickHouse products and services
  • Develop processes, tooling and automation to scale security processes and mitigate risks to the business
What we offer
What we offer
  • Flexible work environment - ClickHouse is a globally distributed company and remote-friendly. We currently operate in 20 countries
  • Healthcare - Employer contributions towards your healthcare
  • Equity in the company - Every new team member who joins our company receives stock options
  • Time off - Flexible time off in the US, generous entitlement in other countries
  • A $500 Home office setup if you’re a remote employee
  • Global Gatherings – We believe in the power of in-person connection and offer opportunities to engage with colleagues at company-wide offsites
Read More
Arrow Right
Welcome to CrawlJobs.com
Your Global Job Discovery Platform
At CrawlJobs.com, we simplify finding your next career opportunity by bringing job listings directly to you from all corners of the web. Using cutting-edge AI and web-crawling technologies, we gather and curate job offers from various sources across the globe, ensuring you have access to the most up-to-date job listings in one place.
Jobs by Category
Art and Entertainment Jobs Banking Jobs Call Center Jobs Construction Jobs Consulting Jobs Customer Service Jobs Education Jobs Energy Jobs Finance Jobs Gastronomy Jobs Health and Beauty Jobs Hospitality and Tourism Jobs Human Resources Jobs Insurance Jobs IT - Administration Jobs IT - Software Development Jobs Legal Jobs Logistics Jobs Manufacturing Jobs Marketing, Digital Marketing, SEO, SEM Jobs Media Jobs Nursing Jobs Office Administration Jobs Pharmacy Jobs Physical Work Jobs Public Relations Jobs Public Sector Jobs Purchasing Jobs Quality Control Jobs Real Estate Jobs Research and Development Jobs Sales Jobs
Job Positions Jobs by Country
United States Jobs United Kingdom Jobs India Jobs Australia Jobs Canada Jobs Poland Jobs Ireland Jobs Spain Jobs
Company
Blog About Us Contact
Follow Us
Facebook
X (Twitter)
LinkedIn
Instagram
© 2025 CrawlJobs Ltd. All Rights Reserved
Terms & Conditions Privacy Policy