Celestica · 6 days ago
Cybersecurity Lead - Product Security (Network Hardware & OS)
Celestica is a leader in design and manufacturing solutions, and they are seeking a Cybersecurity Lead - Product Security to act as the security architect for their network hardware products. This role involves embedding security into product development and ensuring compliance with Zero Trust principles while managing the product vulnerability lifecycle.
Electronics · Manufacturing · Product Design · Supply Chain Management
Responsibilities
Secure Product Lifecycle: Lead the integration of security gates into the product development lifecycle for network hardware and OS software. Enforce the standardized SDLC policy and ensure threat modeling (using frameworks like STRIDE or PASTA) is conducted during the design phase of every new product release
Network OS Hardening: Direct the security hardening of the network operating system. Define and enforce baseline configurations to ensure the OS is resistant to tampering, implementing controls such as secure boot, kernel hardening, and restricted shell access
Application Security Testing: Orchestrate the "Standardizing Dynamic Testing and Vulnerability Management" initiative for product software. Oversee the implementation of Static Application Security Testing (SAST) using tools like Snyk in the CI/CD pipeline and establish a Dynamic Application Security Testing (DAST) framework to identify runtime vulnerabilities
Zero Trust Architecture: Architect product features that support Zero Trust environments. Ensure network products support granular micro-segmentation capabilities and robust identity integration, moving away from local authentication to centralized, MFA-ready administrative access
Vulnerability Remediation: Manage the product vulnerability lifecycle. Establish Service Level Agreements (SLAs) for remediating findings identified during penetration testing and DAST scans, ensuring no critical vulnerabilities ship to production
Crypto & Protocol Security: Ensure all product cryptographic implementations align with the "IT Encryption & Cryptography Policy", mandating AES-256 standards. Validate the security of implemented network protocols (BGP, OSPF, SSH, TLS) against industry best practices
Qualification
Required
8–10 years of experience in product security, specifically focusing on network hardware (switches, routers, gateways) or embedded systems
Strong background in C/C++, Go, or Python, with experience developing or securing Network Operating Systems (e.g., SONiC, Linux-based embedded OS)
Deep expertise in network protocols (L2/L3, TCP/IP, VLANs, VXLAN) and network security technologies (Firewalls, ACLs, 802.1X)
Proven experience implementing SAST/DAST pipelines (e.g., Snyk, Coverity, Burp Suite) and managing vulnerability disclosure programs
Mastery of threat modeling methodologies (STRIDE, PASTA) to identify design flaws early in the development cycle
Expert knowledge of OS hardening standards (CIS Benchmarks, NIST) and how to apply them to custom hardware platforms
Solid understanding of applied cryptography (PKI, TLS, AES, secure boot chains)
Ability to translate 'Zero Trust' concepts into concrete product features (e.g., API security, mutual TLS)
A proactive problem-solver who can balance security requirements with product performance and time-to-market constraints
Capable of earning the respect of hardware engineers and kernel developers through deep technical competence
Rigorous in validating that 'Secure by Design' is not just a slogan, but a documented and tested reality
Bachelor's degree in IT, Networking, or a related field (equivalent experience accepted)
Preferred
Check Point: CCSE (highly preferred)
CompTIA Security+ or Cisco CCNP Security
Company
Celestica
Celestica is a manufacturing firm that provides design, hardware platform, and supply chain solutions to a multitude of industries.
H1B Sponsorship
Celestica has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Additional information is presented below for your reference. (Data Powered by US Department of Labor)
Trends of Total Sponsorships
2025 (13)
2024 (3)
2023 (6)
2020 (3)
Funding
Current Stage: Public Company
Total Funding: $1.47B
2024-06-20 · Post-IPO Debt · $657.67M
2023-06-05 · Post-IPO Secondary · $148.8M
2021-09-30 · Post-IPO Debt · $660.4M
Company data provided by crunchbase