Senior Product Security Engineer jobs in United States
cer-icon
Apply on Employer Site
company-logo

TP-Link · 2 weeks ago

Senior Product Security Engineer

positionIrvine, CA
timeFull-time
remoteOnsite
senioritySenior Level, Lead/Staff
money$140K/yr - $190K/yr
date8+ years exp

TP-Link Systems Inc. is a global provider of reliable networking devices and smart home products, committed to delivering innovative products that enhance connectivity. The Senior Product Security Engineer will define and drive the security architecture for the company's products, ensuring they meet the highest industry standards while addressing emerging threats.

Consumer Electronics
badNo H1Bnote

Responsibilities

Security Architecture Design and Review: Partner with the engineering, product management, and operations teams on the development and implementation of security architecture strategies for network equipment and smart home products
Collaborate with engineering teams to ensure security is integrated into product designs from concept to deployment
Conduct architecture reviews, threat modeling, and security assessments to identify and mitigate risks
Establish and enforce secure coding practices and design principles across all product development teams
Partner with development teams to integrate security tools and processes into CI/CD pipelines
Define and manage security requirements to ensure compliance with regulatory and industry standards (e.g., EU-CRA, GDPR, NIST CSF, ISO 27001)
Stay informed about new attack vectors, vulnerabilities, and security technologies relevant to IoT, smart home, and networking products
Provide expert guidance on addressing emerging threats and integrating innovative security solutions
Support incident response teams during product-related security incidents and postmortems
Develop and enforce policies and standards for secure product design and development
Define and maintain a security architecture framework, ensuring consistency across all product lines
Partner with leadership to define key security metrics and report on the product security posture

Qualification

Security Architecture DesignSecure Software DevelopmentThreat ModelingRisk AssessmentSecurity Testing ToolsIoT ProtocolsRegulatory RequirementsCryptographyEmbedded Systems SecurityZero Trust ArchitectureSBOM ManagementRelevant Certifications

Required

Bachelor's degree in Computer Science, Cybersecurity, or a related field
8+ years of experience in product security, security architecture, or equivalent roles
Proven track record in designing and implementing security architectures for IoT or embedded systems
Experience working with network equipment or smart home product manufacturers is highly desirable
Deep understanding of secure software development, cryptography, and hardware security principles
Proficient in threat modeling, risk assessment, and security testing tools
Strong knowledge of regulatory requirements and industry standards (e.g., OWASP, CSA, NIST, EN 303 645)
Hands-on experience with cloud-connected devices, IoT protocols (e.g., MQTT, CoAP), and embedded systems security

Preferred

Master's degree
Relevant certifications, such as CSSLP, CISSP, or SABSA
Experience with SBOM (Software Bill of Materials) management and related tools
Familiarity with Zero Trust Architecture principles and application to product security

Benefits

Equal employment opportunities
Supportive and growth-oriented workplace

Company

TP-Link

twitter
Glassdoor3.5
company-logo
Headquartered in the United States, TP-Link is a global provider of reliable networking devices and smart home products, consistently ranked as the world’s top provider of Wi-Fi devices.
dateFounded in 1996
location
Irvine, US
people-size10001+ employees
web-link
http://www.tp-link.com

Funding

Current Stage
Late Stage
Company data provided by crunchbase