Senior Product Security Engineer (m/w/d)
Responsibilities
* Define and drive the strategy for product security, privacy and compliance across Vusion cloud platforms, devices and product lines in collaboration with engineering and legal teams
* Lead threat modelling, security architecture reviews, and security-by-design practices for cloud, gateway, and device solutions.
* Discover, triage and prioritize vulnerabilities via code reviews, fuzzing, static analysis and penetration testing
* Design and improve security controls for connected products, including secure provisioning, PKI and certificate lifecycle management, secrets management, secure boot, firmware signing, and OTA integrity
* Work closely with engineering teams to remediate vulnerabilities found internally or reported by researchers and help drive durable fixes
* Establish and review security monitoring, audit logging, periodic assessments, and control effectiveness across services and products
* Evaluate new security tools, services, and architectural patterns to ensure Vusion uses state-of-the-art security technologies in a pragmatic way
Qualifications
* Bachelor’s degree in computer science, cybersecurity, network engineering, or a related field, or equivalent work experience
* 7+ years of experience in product security, security architecture, and/or cloud security, ideally in IoT or cloud-connected device environments.
* Hands-on experience with IoT platforms, large-scale distributed systems, and cloud-connected client-server architectures.
* Defining production procedures from defining Secure boots, keys provisioning, signing production data, signing SW and FW images, certificate and key management
* Experience with threat modelling, secure SDLC practices, SAST/DAST/SCA, SBOMs, vulnerability management, and remediation of penetration test findings.
* Prior privacy and compliance experience with frameworks such as GDPR, ISO 27001, SOC 2, and the EU Cyber Resilience Act.
* Relevant security certifications such as CSSLP, CCSP, CISSP, or AZ-500 are a plus.
* Excellent communication skills, with the ability to articulate a compelling security vision and educate teams on secure design and common vulnerability classes.
* Self-motivation, strong problem-solving skills, and a passion for staying current with modern security tools, infrastructure, and industry best practices.
Benefits
* Pay: Competitive pay and shareholder equity (VusionGroup to add pay, based on state requirements or if relevant)
* Schedule: A flexible, hybrid work schedule
* Health Benefits: Company Doctor
* Company merch and presents
* Notebook (can also be used privately)
* Good public transport connections w/ financial support
* ⏲️ Flexible working hours
* Home Office
* No dresscode / casual style
* No All-In contract
* ⛹️ Team Events
* Beautiful Mur in walking distance
* ♿️ Accessibility
* Bicycle parking
* ️ Canteen with different meals and financial assistance
* Nearby kebab
* Fresh fruits
* ☕️ Coffee, tea, water, …
* Electric charging station
* Airport Graz nearby
* ️ Multiculturality – Hanging out with colleagues from all around the world
A minimum basic salary of EUR 3.954,00 gross per month for full-time employment applies to the advertised position with a willingness to pay depending on the actual qualifications.
#J-18808-Ljbffr