Product Security Engineer jobs in United States

Gecko Robotics · 4 hours ago

Product Security Engineer

Gecko Robotics is dedicated to ensuring the reliability and sustainability of critical infrastructure through innovative robotic solutions. They are seeking an experienced Product Security Engineer to deeply embed security into their software development processes, focusing on secure development lifecycles, cloud security, and application security.

Artificial Intelligence (AI), Industrial Engineering, Information Technology, Infrastructure, Military, Robotics, Software
H1B Sponsor Likely

Responsibilities

Shape Gecko’s Secure Development Lifecycle (SDL)
Secure cloud-native architectures (AWS, GCP, Azure)
Design and implement security and software architecture
Act as a technical authority for all things cloud and product security
Design, implement, and evolve Gecko’s SDL across design, build, test, deploy, and operate
Embed security into CI/CD pipelines without slowing delivery
Define security gates that are practical, measurable, and enforceable
Drive remediation workflows that engineers actually complete
Perform hands-on secure code reviews (Python, TypeScript, CloudFormation/Terraform, backend services)
Identify and remediate vulnerabilities across APIs, services, auth flows, and data access
Build and implement secure patterns (authN/Z, secrets handling, input validation, crypto usage)
Own and operate application security tooling (SAST, DAST, dependency and secret scanning) with a focus on signal quality and developer adoption
Identify toxic combinations (e.g., public access + IAM misconfigurations)
Partner with platform teams to harden baseline infrastructure
Support container, workload identity, and service-to-service security
Lead incident response and root cause analysis for security events
Build and maintain automation to integrate security controls into CI/CD pipelines
Lead threat modeling for new systems, features, and integrations
Review system and data flow architectures for security risks
Translate abstract threats into concrete mitigations
Influence design decisions early — before code ships
Partner with SOC and engineering teams to lead incident response
Support investigations, containment, and post-incident reviews
Help turn incidents into durable architectural improvements
Improve logging, detection, and security telemetry over time
Map technical controls to leading compliance frameworks (ISO 27001, SOC 2, NIST 800-53, FedRAMP, IL-4, IL-5)
Automate audit evidence, not spreadsheets
Ensure security controls align with real system behavior
Enable Gecko’s expansion into regulated and mission-critical environments
Create practical security guidance, tooling and internal documentation to scale adoption
Deliver targeted technical training for engineers (not generic awareness)
Act as a trusted advisor, not a blocker

Qualification

Application security, Cloud security, Secure Development Lifecycle, Programming languages, Security testing tools, Security frameworks, Soft skills

Required

6+ years of experience in application security or a related role
Bachelor's in Computer Science, Cybersecurity, Information Technology, or a related field (or equivalent experience)
Strong understanding of security protocols, cryptography, and application security frameworks (e.g., OWASP)
Proficient in security testing tools (e.g., Burp Suite, OWASP ZAP) and methods
Experience with programming languages such as Java, Python, or C++
Familiarity with various operating systems and datastores
Familiarity with Security Best Practices and frameworks (e.g. NIST, ISO27001, SOC 2)
Experience with Cloud architectures and design patterns (GCP experience is a plus)

Preferred

Experience in robotics, industrial systems, or safety-critical environments
Experience supporting DoD or regulated defence customers
Red team or offensive security background
Experience building SDLs from scratch or maturing them significantly

Benefits

Company equity
401(k) matching
Gender-neutral parental leave
Full medical, dental, and vision insurance
Mental health and wellness support
Ongoing professional development
Family planning assistance
Flexible paid time off

Company

Gecko Robotics

Gecko Robotics is an AI and robotics technology company that provides robotics and inspection services for industrial applications.

H1B Sponsorship

Gecko Robotics has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Additional information is presented below for your reference. (Data powered by the US Department of Labor)
Distribution of Different Job Fields Receiving Sponsorship
Trends of Total Sponsorships
2025 (6)
2024 (5)
2023 (2)
2022 (2)
2021 (3)
2020 (1)

Funding

Current Stage
Late Stage
Total Funding
$347.13M
Key Investors
Cox Enterprises, XN, Drive Capital
2025-06-12: Series D · $125M
2023-12-05: Series C · $100M
2022-03-03: Series C · $73M

Leadership Team

Jake Loosararian
Founder & Chief Executive Officer
Troy Demmer
Cofounder & Chief Product Officer
Company data provided by Crunchbase