IBM · 1 week ago
Product Security Engineer II - HashiCorp Security
Lowell, MA
Full-time
Onsite
Mid LevelIBM is a leading company that transforms customer challenges into industry-leading solutions. They are seeking a Product Security Engineer II to scale their product security function by partnering with Research & Development teams to ensure security is integrated across HashiCorp's suite of products.
Business DevelopmentBusiness Information SystemsCRMData ManagementFoundational AISoftware
Responsibilities
Contribute to secure architecture and design of HashiCorp products, across our cloud, self-managed, and community product portfolio
Work across various R&D teams to prioritize security features and bugs, and ensure implementation and mitigations
Monitor threats and vulnerabilities impacting HashiCorp products and services; triage reported vulnerabilities, identify mitigations and assess/communicate associated risk
Act as SME on multiple information security areas (e.g. security architecture, application security, threat modeling etc.)
Plan & execute security assessments (dynamic testing, static testing, code review, etc) and threat modeling of HashiCorp’s products, services, and associated cloud infrastructure
Assist in execution of 3rd-party audits, penetration tests, and bug bounty programs
Contribute to the development of security solutions across the product life-cycle, such as standalone security tools, CI/CD pipeline integrations, product security features/fixes, etc
Contribute to the creation and delivery of security training
Research emerging attack vectors and techniques
Qualification
Required
Hands-on experience in Security
Secure development practices, and integration into broader engineering activities
Security design / architecture and threat modeling
Product and service architectures in modern, multi-tenant cloud environments (IaaS, SaaS, PaaS)
Amazon Web Services (AWS), Microsoft Azure, and/or Google Cloud Platform (GCP)
Secure operations practices, specifically in cloud environments
Authentication and Identity management (e.g. SAML, SSO, OIDC, SCIM, etc) security best practices
Application and infrastructure security testing methodologies and tools
Vulnerabilities (old and new), and options for defense / mitigation
Product vulnerability management lifecycle
Working with and/or supporting product engineering teams
Security audits, penetration tests, and/or bug bounty programs
Cryptography and cryptographic primitives
Strong written and verbal communication skills
Preferred
Master's Degree
Modern engineering practices, processes, and tools, particularly related to the Go programming language and ecosystem
Knowledge of application security topics, a pragmatic approach to security, and the ability to empathize with engineers and product managers across the company
Company
IBM
IBM is an IT technology and consulting firm providing computer hardware, software, infrastructure, and hosting services.
Founded in 1911
10001+ employees
H1B Sponsorship
IBM has a track record of offering H1B sponsorships. Please note that this does not
guarantee sponsorship for this specific role. Below presents additional info for your
reference. (Data Powered by US Department of Labor)
Distribution of Different Job Fields Receiving Sponsorship
Represents job field similar to this job
Trends of Total Sponsorships
2025 (3032)
2024 (3301)
2023 (2160)
2022 (1809)
2021 (1157)
2020 (2669)
Funding
Current Stage
Public CompanyTotal Funding
unknown2011-01-14IPO
Leadership Team
Alain Bénichou
Chief Executive Officer, IBM Greater China Group
Alex Yang
CTO and Chief Architect
Recent News
2026-01-12
2026-01-12
Company data provided by crunchbase