Cypress HCMRemote
Product Security Engineer
United States of America
Contract
2 days ago
00$92 USD
Visa Sponsor
Key skills
CypressCommunicationOWASP
About this role
Cypress HCM is seeking a Product Security Engineer to serve as the technical security point-of-contact for engineering product teams. The role involves managing vulnerability backlogs, driving remediation efforts, and improving resilience through strategic improvements.
Responsibilities:
- Serve as the technical security point-of-contact when partnering directly with engineering product teams
- Make consistent risk-based decisions while managing vulnerability backlog and risk hygiene
- Strategically prioritize vulnerability risk reduction efforts
- Drive vulnerabilities to remediation within SLA requirements
- Act as the lead security contact during incidents
- Own metrics and escalations including Time-To-Remediation and SLA adherence
- Provide visibility into engineering product team risk posture
- Identify and implement strategic improvements and paved road solutions to improve resilience
Requirements:
- 4+ years of vulnerability management experience
- Strong experience with vulnerability triage and risk assessment
- Experience handling vulnerability incident response
- Strong understanding of OWASP Top 10 vulnerabilities and mitigation techniques
- Experience with infrastructure vulnerabilities, mitigation techniques, and tooling including CrowdStrike Spotlight and Rapid7 Nexpose
- Strong root-cause analysis skills with the ability to identify vulnerability patterns and trends
- Ability to work independently and manage escalations effectively
- Strong verbal and written communication skills
- Bachelor's degree in Computer Science, Engineering, or related field
- Experience partnering directly with engineering or product teams
- Experience managing remediation SLAs and security metrics
- Experience operating in enterprise-scale environments