Product Security Engineer

Product Security Engineers are responsible for the end-to-end security of their organization’s software products.

Role overview

Product Security Engineers work closely with software engineering and product teams to achieve product and security business objectives. They support the implementation of secure development practices, threat modelling, architecture, design, vulnerability assessments and security verification, as well as defining the security standards for a variety of products and tools.

Product Security Engineers
may also be referred to as:
IOT Product Security Engineer
Platform Product Security Manager
Product Cyber Resilience Engineer
Product Cybersecurity Integration Engineer
Product Manager Cloud Security
Product Manager Network Security
Product Security Analyst
Product Security Architect
Product Security Engineer Intern
Product Security Incident Responder
Product Security Incident Response Manager (PSIRT)
Security Product Owner

Career Path

Map your career path by understanding role relationships

Average Salary

Based upon experience, salary for this role ranges from:
$176,700
National Average
$195,850
$215,000
* based upon those with two plus years of cybersecurity experience

Responsibilities

Providing security guidance on all new products and technologies within the organization.
Collaborating with the engineering team to perform regular product security assessments and threat modelling.
Managing the operations and effectiveness of the product security pipeline tools.
Updating product security tooling to reduce false positives.
Responding to vulnerabilities disclosed through threat detection systems.
Maintaining internal documentation and security standards to ensure security best practices are followed.
Designing and implementing tools to automate and scale security processes.
Supporting the incident detection and response processes.
Providing security support and leadership to the product engineering team.

Tools & Environment

Product Security Engineers work with various development process tools including threat modelling, compliance, test automation, and vulnerability technologies. They also use a variety of operating systems, cloud containers, programming tools, encryption, and security controls for IaaS, PaaS, and Serverless systems.

Certifications

Category Organization Certification
Develop (ISC)2 CSSLP
Develop CertNexus CSC
Develop EC-Council CASE Java
Develop EC-Council CASE .Net
Develop EXIN SP-F
Develop GAQM CSST
Develop GAQM CASST
Develop GIAC GPYC
Develop GIAC GSSP-JAVA
Develop GIAC GSSP-.NET
Organization

[cyber_job_role_count] Product Security Engineer jobs

Resources

Videos

Watch our latest videos, talks an recorded events
Watch

White Papers

Download our whitepapers and printed resources
Learn

Free Courses

Browse our training courses and educational resources
See All

Podcasts

Listen to our podcast features and recorded roundtables
Listen

Get our latest insights. Subscribe to our newsletter.