Remote Product Security Engineer (Remote)
Posted
This job is closed
This job post is closed and the position is probably filled. Please do not apply. Automatically closed by a robot after apply link was detected as broken.
Description:
- The Product Security Engineer will assist in ensuring the Secure Development Lifecycle processes, security automation technologies, and security hardening strategy across the product at iHerb.
- Responsibilities include leading security design reviews and threat modeling, evaluating, prototyping, implementing, and operating security-focused tools and services.
- The role involves developing new secure architecture standards, frameworks, and patterns, understanding and analyzing emerging security threats, and proactively implementing mitigations.
- The engineer will participate in security assessment, penetration testing, bug bounty programs, and security incident response.
- Collaboration with development teams globally to define new security capabilities and partnering with leaders across the organization to deliver company-wide security initiatives is essential.
Requirements:
- Demonstrated technical foundation and solid understanding of common application and infrastructure security vulnerabilities and mitigations.
- Proficiency in implementing Secure Development Lifecycle processes, technology, and automation in a DevOps environment.
- Experience with large-scale web applications, microservices, API design, access management, authorization, authentication, data protection, and encryption.
- Excellent problem-solving, critical thinking, collaboration, and communication skills.
- Active contribution to the security community through research, open source projects, publications, etc.
- Knowledge of major programming languages and frameworks such as Python, C# .NET, JavaScript, node.js, Java.
- Three plus years of technical security experience at top-tier software companies, including experience with security products, threat modeling, security design, cryptography, mobile security, and cloud computing technologies.
- Computer Science/Engineering degree or equivalent experience with the ability to translate technical vulnerabilities into organizational risks.
Benefits:
- Eligibility for medical, dental, vision, basic life insurance programs, and enrollment in the company's 401(k) plan.
- Time off, paid sick leave, and paid holidays throughout the calendar year.
- Potential awards of Restricted Stock Units and annual bonuses based on eligibility and performance criteria.
- Comprehensive benefits available, visit iHerbBenefits.com for more information.
About the job
Posted on
Job type
Salary
Location requirements
Position
Experience level
Technology stack
I
