Company hidden
11 hours ago

Staff Security Engineer (PSIRT Lead)

$185,000 - $230,000
Work format: remote (USA only)
Employment type: fulltime
Grade: senior/lead
English: c1
Country: US
Vacancy from Hirify Global, a list of international tech companies

Job description


TL;DR

Staff Security Engineer (PSIRT Lead): Establishing and running the Product Security Incident Response Team (PSIRT) as the single point of accountability for vulnerability management, with an emphasis on coordinated vulnerability disclosure and cross-functional leadership. Focus on driving remediation across hardware, firmware, cloud, and mobile ecosystems while maintaining compliance with industry standards and security advisories.

Location: Must be based in the United States

Salary: $185,000 – $230,000

Company

A high-performance technology company building solutions to reduce crime and protect privacy through advanced hardware and software platforms.

What you will do

  • Lead the newly established PSIRT as the single point of accountability for all product vulnerabilities.
  • Act as the technical owner of the Coordinated Vulnerability Disclosure (CVD) program and the CVE Numbering Authority (CNA).
  • Coordinate cross-functional remediation efforts across Hardware, Firmware, SRE, Mobile, ML, Legal, and Communications teams.
  • Define and enforce SLAs, metrics, playbooks, and public security advisories.
  • Manage the end-to-end lifecycle of security findings from intake and triage to disclosure.

Requirements

  • Must be based in the United States
  • 7+ years in security engineering with 4+ years leading PSIRT, product security, or CVD functions.
  • Hands-on experience as a CVE Numbering Authority (CNA) and deep knowledge of CNA Operational Rules.
  • Demonstrated ownership of FIRST PSIRT Services Framework v1.1 service areas.
  • Ability to obtain and maintain CJIS certification, including a fingerprint-based background check.
  • Exceptional written communication skills for drafting customer-facing advisories and executive summaries.

Nice to have

  • Experience at a company shipping connected hardware (LPR/IP cameras, ICS/OT, automotive, medical, or networking gear).
  • Deep operational experience in Embedded/Firmware security or Cloud Security on AWS.

Culture & Benefits

  • Fully-paid health benefits (Medical, Dental, Vision) with HSA match.
  • Flexible PTO policy plus 11 company holidays.
  • 12 weeks of 100% paid parental leave.
  • $50,000 lifetime benefit for fertility, adoption, or surrogacy via Maven.
  • Monthly WFH stipend and annual productivity stipend.

Be careful: if an employer asks you to log in to their system using iCloud/Google, send a code or password, or run code or software, do not do it; these are scammers. Be sure to click "Report" or contact support.