IBM · 2 weeks ago
Sr. Product Security Engineer II
United States
Full-time
Remote
Senior Level, Lead/Staff
8+ years expIBM is a leading company in software solutions, seeking a Senior Product Security Engineer II to enhance the security of HashiCorp's offerings. The role involves collaborating with R&D teams to ensure security is integrated into the product lifecycle, conducting security assessments, and managing vulnerabilities across the product portfolio.
Business DevelopmentBusiness Information SystemsCRMData ManagementFoundational AISoftware
Responsibilities
Contribute to secure architecture and design of HashiCorp products, across our cloud, self-managed, and community product portfolio
Work across various R&D teams to prioritize security features and bugs, and ensure implementation and mitigations
Monitor threats and vulnerabilities impacting HashiCorp products and services; triage reported vulnerabilities, identify mitigations and assess/communicate associated risk
Act as SME on multiple information security areas (e.g. security architecture, application security, threat modeling, etc.)
Plan & execute security assessments (dynamic testing, static testing, code review, etc) and threat modeling of HashiCorp’s products, services, and associated cloud infrastructure
Assist in execution of 3rd-party audits, penetration tests, and bug bounty programs
Contribute to the development of security solutions across the product life-cycle, such as standalone security tools, CI/CD pipeline integrations, product security features/fixes, etc
Contribute to the creation and delivery of security training
Research emerging attack vectors and techniques
Qualification
Required
8-10+ Years of Security experience
Secure development practices, and integration into broader engineering activities
Security design / architecture and threat modeling
Product and service architectures in modern, multi-tenant cloud environments (IaaS, SaaS, PaaS)
Amazon Web Services (AWS), Microsoft Azure, and/or Google Cloud Platform (GCP)
Secure operations practices, specifically in cloud environments
Authentication and Identity management (e.g. SAML, SSO, OIDC, SCIM, etc) security best practices
Application and infrastructure security testing methodologies and tools
Vulnerabilities (old and new), and options for defense / mitigation
Product vulnerability management lifecycle
Working with and/or supporting product engineering teams
Security audits, penetration tests, and/or bug bounty programs
Cryptography and cryptographic primitives
Strong written and verbal communication skills
Preferred
Bachelor's Degree
Modern engineering practices, processes, and tools, particularly related to the Go programming language and ecosystem
Knowledge of application security topics, a pragmatic approach to security, and the ability to empathize with engineers and product managers across the company
Company
IBM
IBM is an IT technology and consulting firm providing computer hardware, software, infrastructure, and hosting services.
10001+ employees
H1B Sponsorship
IBM has a track record of offering H1B sponsorships. Please note that this does not
guarantee sponsorship for this specific role. Below presents additional info for your
reference. (Data Powered by US Department of Labor)
Distribution of Different Job Fields Receiving Sponsorship
Represents job field similar to this job
Trends of Total Sponsorships
2025 (3032)
2024 (3301)
2023 (2160)
2022 (1809)
2021 (1157)
2020 (2669)
Funding
Current Stage
Public CompanyTotal Funding
unknown2011-01-14IPO
Leadership Team
Alain Bénichou
Chief Executive Officer, IBM Greater China Group
Alex Yang
CTO and Chief Architect
Recent News
2026-01-11
Company data provided by crunchbase