
Product Security Engineer

Remote / Online - Candidates ideally in
Ferndale, Whatcom County, Washington, 98248, USA
Listing for: Cutsforth
Remote/Work from Home position
Listed on 2026-02-14
Job specializations:
  • IT/Tech
    Cybersecurity, Systems Engineer
Salary/Wage Range or Industry Benchmark: 133000 - 172000 USD Yearly
Job Description & How to Apply Below

Role Information

  • Work Location: Fully remote position, home office
  • Employment Type: Full‑time
  • Visa sponsorship is not available for this position
  • Must reside in the United States
  • We are not accepting applicants for remote workers in California, Illinois, and New York at this time
Compensation

$133,000-$172,000/year depending on years of experience

Role Overview

As a Product Security Engineer, you will own product security across all Cutsforth offerings, including cloud software, on-prem deployments, embedded systems, and IoT hardware. This role is responsible for defining, implementing, and governing product security controls throughout the full product lifecycle, from device manufacturing and firmware through cloud services, APIs, and customer‑facing applications.

Product & Platform Scope

This role is responsible for product security across:

  • Foresight (cloud‑hosted, multi‑tenant analytics platform)
  • Cortex (internal R&D and ML experimentation environment)
  • Insight CM (on‑prem and hybrid industrial monitoring systems)
  • Embedded and low‑cost hardware devices, including firmware, device identity, encryption, and secure communications
Key Responsibilities
  • Embed security best practices, such as encryption and authentication, directly into new products as part of the architecture and design process.
  • Identify vulnerabilities and security gaps during the design phase to prevent exploitation.
  • Define and enforce secure device architecture, including secure boot, hardware root of trust, device identity, and certificate‑based authentication.
  • Own firmware security, including signing, update mechanisms, rollback protection, and vulnerability remediation.
  • Design and govern end‑to‑end encryption strategies spanning device, edge, and cloud.
  • Establish security requirements for low‑cost hardware, balancing risk, cost, and operational constraints.
  • Conduct threat modeling for embedded systems, IoT protocols, and physical attack surfaces.
  • Partner with hardware, firmware, and manufacturing vendors to ensure supply‑chain security controls.
  • Own product security incident response, including vulnerability triage, remediation coordination, customer communication, and post‑incident reviews.
  • Manage coordinated vulnerability disclosure and CVE processes where applicable.
  • Lead Product Lifecycle Management security initiatives from concept through development, release and maintenance.
  • Conduct product security testing and oversee penetration testing, vulnerability scans and code reviews.
  • Define the product security strategic roadmap, goals, priorities, and features, and align product security with business objectives.
Required Qualifications
  • Successfully pass background check for cybersecurity site access.
  • 7-15 years of hands‑on cyber security experience within the software development lifecycle, including implementation of security controls, vulnerability management, or cloud security.
  • Hands‑on experience with programming languages such as Python, Java, C++, or Go.
  • Mastery of security tools such as Burp Suite, Checkmarx, or SonarQube.
  • Security Frameworks – solid understanding of OWASP Top 10, NIST and SOC 2 compliance.
  • Specific familiarity with the NIST SSDF (SP 800‑218) standard and experience developing products to meet requirements in this standard.
  • Experience with Azure.
  • 7+ years of experience with scripting automation for security tasks using Python.
  • Practical experience with at least one major SIEM – Splunk.
  • Strong analytical and problem‑solving skills.
  • Ability to clearly communicate technical risks and recommendations to both technical and non‑technical stakeholders.
  • Detail‑oriented with good documentation habits.
  • Bachelor’s degree in computer science, cyber security or related field.
Preferred Qualifications
  • CompTIA Security+, CompTIA CySA+, CompTIA PenTest+ or CEH preferred.
  • CISSP.
  • OSCP.
  • Experience securing embedded systems, IoT devices, or industrial control systems.
  • Familiarity with device authentication, PKI, and certificate lifecycle management.
  • Understanding of common IoT protocols (MQTT, HTTPS, AMQP, or similar).
Other Qualifications
  • Successfully pass background check for cybersecurity access requirements.
Cybersecurity Role Expectations
  • Candidate will be…