×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity Systems Engineer

Product Security Engineer

Remote / Online - Candidates ideally in
Ferndale, Whatcom County, Washington, 98248, USA
Listing for: Cutsforth Inc.
Full Time, Remote/Work from Home position
Listed on 2026-02-12
Job specializations:
  • IT/Tech
    Cybersecurity, Systems Engineer
Salary/Wage Range or Industry Benchmark: 133000 - 172000 USD Yearly USD 133000.00 172000.00 YEAR
Job Description & How to Apply Below

Role Information:

  • Job Title: Product Security Engineer
  • Work Location: Fully remote position, home office
  • Employment Type: Full-time
  • Employment Status: Exempt, salaried
  • Visa sponsorship is not available for this position.
  • Must reside in the United States.
  • We are not accepting applicants for remote workers in California, Illinois, and New York at this time.

Compensation: $133,000-$172,000/year depending on years of experience

Role Overview

As a Product Security Engineer, you will own product security across all Cutsforth offerings, including cloud software, on‑prem deployments, embedded systems, and IoT hardware. This role is responsible for defining, implementing, and governing product security controls throughout the full product lifecycle; from device manufacturing and firmware through cloud services, APIs, and customer‑facing applications.

Product & Platform Scope:

  • Foresight (cloud‑hosted, multi‑tenant analytics platform)
  • Cortex (internal R&D and ML experimentation environment)
  • Insight

    CM (on‑prem and hybrid industrial monitoring systems)
  • Embedded and low‑cost hardware devices, including firmware, device identity, encryption, and secure communications

Key Responsibilities:

  • Embed security best practices, such as encryption and authentication, directly into new products as part of the architecture and design process.
  • Identify vulnerabilities and security gaps during the design phase to present exploitation.
  • Define and enforce secure device architecture, including secure boot, hardware root of trust, device identity, and certificate‑based authentication.
  • Own firmware security, including signing, update mechanisms, rollback protection, and vulnerability remediation.
  • Design and govern end‑to‑end encryption strategies spanning device, edge, and cloud.
  • Establish security requirements for low‑cost hardware, balancing risk, cost, and operational constraints.
  • Conduct threat modeling for embedded systems, IoT protocols, and physical attack surfaces.
  • Partner with hardware, firmware, and manufacturing vendors to ensure supply‑chain security controls.
  • Own product security incident response, including vulnerability triage, remediation coordination, customer communication, and post‑incident reviews.
  • Manage coordinated vulnerability disclosure and CVE processes where applicable.
  • Lead Product Lifecycle Management security initiatives from concept through development, release, and maintenance.
  • Conduct product security testing and oversee penetration testing, vulnerability scans, and code reviews.
  • Define the product security strategic roadmap, goals, priorities, features and align product security with business objectives.

Required Qualifications:

  • Successfully pass background check for cybersecurity site access.
  • 7‑15 years of hands‑on cybersecurity experience within the software development lifecycle, including implementation of security controls, vulnerability management, or cloud security.
  • Hands on experience with programming languages like Python, Java, C++, or Go.
  • Mastery of security tools like Burp Suite, Checkmarx, or Sonar Qube.
  • Security Frameworks – solid understanding of OWASP Top 10, NIST and SOC2 compliance.
  • Specific familiarity with the NIST SSDF (SP 800‑218) standard and experience developing products to meet requirements in this standard.
  • Experience with Azure.
  • 7+ years of experience with scripting automation for security tasks using Python.
  • Practical experience with at least one major SIEM – Splunk.
  • Strong analytical and problem‑solving skills.
  • Ability to clearly communicate technical risks and recommendations to both technical and non‑technical stakeholders.
  • Detail orientated with good documentation habits.
  • Bachelor’s degree in computer science or cyber security or related field.

Preferred Qualifications:

  • CompTIA Security+, CompTIA CYSA+, CompTIA Pen Test+ or CEH preferred.
  • CISSP.
  • OSCP.
  • Experience securing embedded systems, IoT devices, or industrial control systems.
  • Familiarity with device authentication, PKI, and certificate lifecycle management.
  • Understanding of common IoT protocols (MQTT, HTTPS, AMQP, or similar).

Other

Qualifications:

  • Successfully pass background check for cybersecurity access requirements.

Cybersecurity Role…

To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)

Job Posting Language
Employment Category
Education (minimum level)
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search