Senior Product Security Engineer
Employment Information
Report this job
Job expired or something wrong with this job?
Job Description
Product Security Engineer at Forterra developing secure autonomous systems and collaborating with cross-functional teams to identify and mitigate security vulnerabilities. Leading product security initiatives and conducting risk assessments.
Responsibilities:
- Provide domain expertise and contributions within a team of product security engineers
- Collaborate with engineers from other cross-functional groups such as systems, safety, and test to ensure product and program level needs are met
- Development of security artifacts and required documentation to provide evidence of rigor in accordance with relevant standards
- Ensure that security requirements are clearly defined, implemented and traceable
- Audit embedded code to identify security vulnerabilities
- Work with product and engineering teams to identify, implement, and advance security with our products
- Lead product security initiatives and serve as a subject matter expert (SME)
- Carry out risk assessments to prioritize threats and compare mitigation strategies
- Conduct penetration tests and risk assessments in an automotive, industrial or disconnected environment
- Work with Forterra engineers, vendors, and partners to drive vulnerability remediation
- Perform activities such as sprint planning, task delegation, roadmap refinement and identifying markers of success
Requirements:
- BS in Computer Science, Computer Engineering, Information Security, Electrical Engineering or proof of exceptional skills in related fields, with practical software engineering experience
- A minimum of 4+ years of work experience as a Product Security Engineer or related role
- Ability to write security requirements and communicate them to other engineering teams
- Demonstrated skill in hardware and software security, including a track record of identifying and mitigating high-impact vulnerabilities
- Experience with software supply chain risk management and SBOMs
- Familiarity with ISO/SAE 21434, NIST 800-218, NIST 800-53, and NIST 800-37
- Knowledge and practical experience with the Risk Management Framework (RMF) for cybersecurity compliance and assessment
- Strong communication skills, both written and spoken
- Demonstrated ability to deal with ambiguity and to learn new technologies quickly
Benefits:
- Premium Healthcare Benefits: Three plan options, including an HSA-eligible plan, with Forterra covering 80% of the plan premium for you and your dependents.
- Basic Life/AD&D, short and long-term disability insurance plans 100% covered by Forterra, plus the option to purchase additional life insurance for you and your dependents.
- Extremely generous company holiday calendar including a winter break in December.
- Competitive paid time off (PTO) offering 20 days accrued per year.
- A minimum of 7 weeks fully paid parental leave for birth/adoption.
- A $9k annual tuition reimbursement or professional development stipend.
- Fully stocked beverage refrigerators with all the Celsius your little heart desires.
- 401(k) retirement savings plan, including traditional, Roth 401(k), and after-tax deferral with company match up to 4%.
Similar Jobs
Senior Cybersecurity Risk Assessor – Risk Manager
Sr. Cybersecurity Risk Assessor leading risk management for Blue Yonder's cybersecurity programs. Collaborating cross-functionally to ensure effective governance and risk mitigation strategies.
Senior Director Analyst, Cybersecurity, Governance, Risk & Compliance
Senior Director Analyst producing insights in Cybersecurity for Gartner's global clients. Leading research and development strategies in Cyber Governance, Risk & Compliance while mentoring team members.
Cybersecurity Engineering Internship Program
Cybersecurity Engineering Internship at CENSUS focusing on hands-on training and industry mentors. Engage in real-world projects while working remotely within the UK for a duration of 6 months.
Security Engineer
Security Engineer responsible for deploying secure infrastructure and SIEM solutions. Collaborating with MSSP clients and teams to enhance security practices.
Chief Information Security Officer
Chief Information Security Officer focusing on governance and risk management in fintech company. Responsible for implementing information security management systems under ISO 27001 standards.
Cybersecurity Governance Analyst
Governance Analyst contributing to Cybersecurity governance at SailPoint. Involve in policy documentation and compliance activities aligned with industry best practices.
Senior Cloud Cyber Security Engineer
Senior Cloud Cyber Security Engineer designing secure cloud architectures and ensuring compliance for Sentara Health. Conducting security assessments and collaborating with cross-functional teams to enhance cloud security.
Senior Manager, Product Security
Senior Manager of Product Security at Amgen developing strategies to counter threats to the global supply chain. Responsible for overseeing security initiatives and collaborating across diverse teams.
Account Executive – Cybersecurity, Risk Assurance
Account Executive managing complex B2B sales for Sensiba’s cybersecurity and risk assurance services. Focusing on ISO/IEC 27001, SOC 1, and SOC 2 engagements with C-suite executives.
Social Security Claims Specialist
Social Security Specialist at Lincoln Financial handling Social Security Disability Insurance claims. Acts as liaison between internal teams, claimants, and legal representation.
Senior Manager, Cloud Security Consultant
Senior Manager in cloud security at PwC focusing on cybersecurity threats. Leading development and implementation of cloud security strategies with advanced technologies.
Adjunct Faculty, Fundamentals of Networking – Cybersecurity
Adjunct Faculty teaching online course Fundamentals of Networking at UMGC. Engaging adult learners and fostering collaboration in a remote setting.
IT Sales Manager – Modern Infrastructure, Cyber Security, Managed Services
IT Sales Manager responsible for driving B2B sales in Modern Infrastructure, Cyber Security, and Managed Services. Collaborating with consulting teams and establishing new markets in Germany.
Head of Compliance – HIPAA and Security
Head of Compliance (HIPAA) leading strategic legal support and data governance for Bask Health. Overseeing compliance frameworks, training, and regulatory adherence in a remote setup.
Security Engineer
Security Engineer protecting Serve’s delivery platform and infrastructure while collaborating with IT and engineering teams. Ensuring security best practices across cloud infrastructure and applications.
Member of Technical Staff – Security
First dedicated security hire responsible for building security practices at AI infrastructure company. Defining company-wide security strategy and collaborating with engineering and research teams.
Cybersecurity Engineer
Cybersecurity Engineer responsible for maintaining security in compliance-driven environments for Teal. Protecting clients through security monitoring, vulnerability management, and incident response.
Cybersecurity Lead
Lead Cybersecurity Strategy at Intersect, safeguarding critical systems in a cloud-first environment. Collaborate cross-functionally to integrate security practices for innovative energy solutions.
Principal, Multicloud Data Center Solutions – AI, Data Security & Resilience
Lead development of solutions for enterprise Multicloud/Data Center, AI & Data and Security & Resilience at Dell Technologies. Engage with customers and drive transformative technology solutions.
Lead Security Officer – Rotational
Lead Security Officer ensuring health, safety and security for clients in remote settings. Providing oversight, training, and recommendations based on security operations.