We make businesses smarter to improve consumers' lives.

Product Security Engineer

Security EngineerSecurity EngineerFull TimeRemoteTeam 1,001-5,000Since 1983H1B No SponsorCompany Site LinkedIn

Location

United States

Posted

39 days ago

Salary

$110.9K - $184.9K / year

Bachelor Degree5 yrs expExperience acceptedEnglishCyber SecurityIo TLinux

Job Description

• Conduct comprehensive security assessments of mobile applications, IoT hardware/firmware, compiled software, and browser extensions • Perform reverse engineering and vulnerability analysis, and penetration testing to uncover security risks • Analyze binary file formats (PE, ELF, Mach-O) and runtime behaviors for security flaws • Review browser extensions and software plugins for security flaws and compliance with best practices • Perform product data analysis to identify potential vulnerabilities and determine access scope • Collaborate with cross-functional teams (e.g. - engineering, product, and security) to enhance security measures and improve resilience against cyber threats • Develop and recommend mitigation strategies and risk profiles for identified vulnerabilities • Document findings and communicate security recommendations to both technical and non-technical audiences • Maintain organizational product inventory with security assessment status and secure configuration requirements • Responsible for the production and maintenance of security documentation, such as bill of material repositories and analytical procedure guides.

Job Requirements

Bachelors of Science in a related field, such as Computer Science, Electrical Engineering, or Cyber Security
5-7 years of relevant experience in software exploitation, reverse engineering, malware analysis, or related field; or any equivalent combination of experience and training that provides the required knowledge, skills, and abilities needed to complete the primary job responsibilities
Proficient in using debuggers, decompilers, and disassemblers to analyze code for vulnerabilities across various CPU architectures, including ARM and RISC-V
Strong understanding of binary file formats like PE, ELF, and Mach-O, enabling analysis of applications for security flaws
Skilled in low-level data extraction and analysis using tools like QEMU and Verilog to identify and verify vulnerabilities through emulation
Knowledgeable about Linux loaders, binary packing, and embedded systems tools such as BusyBox, binwalk, and u-boot
Experienced in capturing and analyzing network traffic, including using tools like tcpdump and Scapy to dissect proprietary protocols
Experienced in BOM enumeration and leveraging tools like CycloneDX for inventory and risk assessment
Strong analytical and problem-solving skills, with a keen eye for identifying and mitigating security risks
Excellent communication skills for documenting findings, providing security recommendations, and effectively disclosing vulnerabilities to technical and non-technical audiences.

Benefits

Medical, Dental, and Vision insurance
Basic and Supplemental Life Insurance options
401(k) retirement plans with company match
Health Spending Accounts (HSA/FSA)
Flexible time off and 11 paid holidays
Family-building benefits, including Maternity, Adoption, and Parental Leave
Tuition Reimbursement and certification support, reflecting our commitment to lifelong learning
Wellness and Mental Health counseling services
Concierge and work/life support resources
Adoption Assistance Reimbursement
Perks and discount programs