Action1 logo
Action1

Patch Management That Just Works | Real-time discovery and remediation of third-party and OS vulnerabilities

Product Security Engineer

Security EngineerSecurity EngineerFull TimeRemoteSeniorTeam 51-200Since 2018H1B No SponsorCompany SiteLinkedIn

Location

Cyprus

Posted

1 day ago

Salary

0

Seniority

Senior

Bachelor Degree3 yrs expEnglishCloudCyber SecuritySDLC

Job Description

Product Security Engineer

Action1

• Support PSIRT and vulnerability handling activities • Validate, triage, track, and coordinate security reports • Provide practical remediation guidance to engineering teams • Help validate security fixes and reduce product security risks • Review code, APIs, and architecture to identify security issues early • Conduct threat modeling and security design reviews • Improve security automation in engineering workflows • Support SAST, SCA, secrets scanning, and other security controls • Maintain SBOMs, dependency visibility, and remediation follow-up • Support security assessments, vulnerability assessments, and penetration testing • Maintain vulnerability handling playbooks, product security procedures, and incident response runbooks

Job Requirements

  • 3+ years of experience in product security, application security, DevSecOps, or a related cybersecurity field
  • Strong software engineering background and ability to work effectively with engineering teams
  • Understanding of application, API, infrastructure, and software supply chain security risks
  • Experience applying cloud security concepts and practices
  • Understanding of IAM, network security, logging, monitoring, and secure cloud architecture patterns
  • Familiarity with vulnerability management, incident response, security assessments, and secure SDLC practices
  • Experience with threat modeling and security design reviews
  • Strong communication skills, including professional communication with external researchers and vendors
  • Ability to work independently and as part of a team in a fast-moving environment

Related Categories

Related Job Pages

More Security Engineer Jobs

Full TimeRemoteTeam 501-1,000H1B No Sponsor

Role Description The Naval Information Warfare Center (NIWC) Atlantic Defensive Cyberspace Operations (DCO) Integrated Product Team (IPT) is charged with the mission of conducting Defensive Cyberspace Operations to defend subscriber networks. The DHA Cybersecurity Operations Center (CyOC) coordinates and orchestrates cybersecurity activities execution at the DoD Component scale to protect information systems against unauthorized activity, vulnerabilities, or threats. RMC is hiring for an experienced Endpoint Security Support Analyst (Crowdstrike) who will support a US Navy environment. The Endpoint Security Support Analyst serves as a frontline interface between DHA subscribers and the Endpoint Security team. This role is responsible for monitoring the CrowdStrike Falcon console, performing initial triage of security alerts, and providing Tier 1 customer support for endpoint security issues. The position focuses on documenting and categorizing events using established playbooks, handling service desk inquiries, and escalating complex issues to senior Endpoint Security Operators for resolution. Duties - Alert Triage & Customer Support: Act as the first responder for customer support requests submitted via the service desk (ServiceNow). Monitor the CrowdStrike detection queue and provide Tier 1 support for endpoint security inquiries. - Initial Investigation & Documentation: Perform initial triage of low-to-medium severity alerts using established mini-playbooks. Accurately document findings and categorize detections as Benign, an Event, or requiring escalation. - Escalation & Communication: Escalate complex technical issues, unresolved user problems, and potential Incidents to senior Endpoint Security Operators for advanced investigation and response. - Compliance & Reporting Support: Assist senior operators by running pre-defined compliance reports, tracking task completion in the ticketing system, and helping to maintain accurate records for auditing purposes. Qualifications - A minimum of one to two years of experience in an IT help desk, customer support, or similar administrative role. - Must be able to obtain a DoD 8570 IAM Level I certification within 6 months of hire. - An Associate's degree in a relevant field or two years of equivalent professional experience. - Minimum Security Clearance: Secret. Requirements - Strong written and verbal communication skills with an emphasis on customer service. - Ability to follow established procedures and checklists with high attention to detail. - Strong analytical skills for initial problem assessment and categorization. - Proficiency with standard desktop programs (MS Office, Adobe Acrobat). Benefits - Investment in employee career growth through training, certification, and education. - Experience, tuition assistance, and certifications to advance your career. - Competitive paid vacation package with 11 paid federal holidays. - High-quality, low-deductible healthcare plans. - Pet insurance. - Competitive 401K package.

United States
Briefly™️ logo

AI, Cybersecurity and Data Privacy Partner

Briefly™️

Building the new internet for the marketing industry

Full TimeRemoteTeam 11-50H1B No Sponsor

• Provide legal counsel on corporate matters and assist clients with various legal issues. • Collaborate with the Outside GC team to deliver exceptional legal services. • Draft and negotiate AI-related contracts and provide guidance on AI governance frameworks. • Engage with clients to build strong relationships and understand their legal needs. • Keep up to date with technology transactions and data privacy standards. • Work in a flexible, remote environment as part of a dedicated team.

India
New York Times Company logo

Staff Newsroom Security Engineer

New York Times Company

Publisher of the internationally recognized daily newspaper, The New York Times , The New York Times Company is a global media organization whose mission is to

Title: Staff Newsroom Security Engineer Location: New York, NY Job Description About the Role, Mission or Department Overview The newsroom security engineer within Cybersecurity is a hands-on contributor who researches unique engineering projects to support the security of The New York Times newsroom. As a member of the Cybersecurity department, you will manage complex projects end-to-end. You will also drive technical security strategy for the newsroom, support measurable risk reduction, and collaborate across our engineering, security operations, threat management, and education teams. We are looking for an engineer who combines technical expertise with creativity and operational excellence, and who has experience designing and building security solutions for users facing complex and unique threat models.. This is a hybrid role based in New York City. You will report to the Director, Information Security. Responsibilities: - Evaluate existing cybersecurity tools used by the newsroom, identify opportunities for improvement, and help shape the roadmap for developing and enhancing internal security solutions. - Design security solutions that strengthen protections for newsroom staff while supporting efficient journalistic workflows. - Lead technical projects to enhance and scale existing newsroom security tools and services. - Partner with Information Security leadership to support and improve mobile security and digital forensics capabilities. - Collaborate with newsroom staff to understand security needs, provide technical guidance the use of security solutions. - Work with security education, threat management, and other teams to develop threat models for a variety of newsroom roles and translate those insights into practical security recommendations and protections. - Monitor new technologies, industry trends, and evolving threats, and incorporate relevant improvements into security strategies and solutions. - Travel to domestic and international office locations and bureaus, approximately 20% of the time. - Contribute to an inclusive and collaborative work environment while supporting The New York Times' commitment to journalistic independence and our mission to help people understand the world through trusted journalism. Basic Qualifications: - 7+ years of experience working on technical issues related to mobile malware, device security, data storage and providing technical solutions based on risk assessments. - Background with mobile threat detection tools and investigating alerts related to mobile devices, especially Apple devices. - Strong security that balance engineering requirements with operational newsroom needs. - Experience working in cloud environments, including AWS and GCP. - Experience with SecureDrop setup, technical support and threat modeling. - Strong cross-, including being a consistent point of contact for high-risk users and filling technical gaps between senior leadership and engineering. - Experience developing long-term security roadmaps and technical strategies rather than just executing tasks. - Knowledge of securing sensitive data storage solutions, particularly for high-risk assets. - Real passion for The New York Times's mission and dedication to be part of our innovation and growth. Preferred Qualifications: - Experience with unique threat models, including but not limited to newsroom, media, executives, etc. - Experience with imaging devices, such as phones, laptops, hard drives, etc. - Experience building and maintaining secure workspaces or logically air-gapped environments for handling sensitive materials. - Experience providing technical support and risk assessments specifically for staff traveling to high-risk environments. - Ability to train other team members on specialized technical skills, such as forensics, to ensure team scalability. - #LI-Hybrid REQ-020266 The annual base pay range for this role is between: $160,000—$190,000 USD For roles in the U.S., dependent on your role, you may be eligible for variable pay, such as an annual bonus and restricted stock. Benefits may include medical, dental and vision benefits, Flexible Spending Accounts (F.S.A.s), a company-matching 401(k) plan, paid vacation, paid sick days, paid parental leave, tuition reimbursement and professional development programs.

New York
$160K - $190K / year
Zscaler logo

Director, AI Security Specialist

Zscaler

We make it easy to secure your cloud transformation. Get fast, secure, and direct access to apps without appliances.

Full TimeRemoteTeam 5,001-10,000Since 2008H1B Sponsor

• Scale the AI Technical Strategy • Lead & Co-Elevate Elite Talent • Build Repeatable GTM Playbooks • Act as Executive Sponsor • Bridge the Product-to-Field Loop

United States
$194.3K - $277.5K / year