Lincoln Electric

Product Security R&D Engineer

Lincoln Electric

full-time

Posted on:

Origin:  • 🇺🇸 United States • Ohio

Visit company website
AI Apply
Apply

Salary

💰 $118,969 - $160,959 per year

Job Level

Mid-LevelSenior

Tech Stack

CloudCyber SecurityIoTJavaLinuxPythonRTOSSDLC

About the role

  • Establish and operationalize a formal Product Security Program aligned with corporate SDLC and Secure Design standards and best practices
  • Collaborate with engineering, IT, and compliance teams to define and enforce security requirements across product lines
  • Develop and maintain security policies, procedures, and technical standards for product development
  • Stay current with emerging security threats, vulnerabilities, and mitigation techniques and update/evolve program and governance accordingly
  • Lead and standardize threat modeling activities using methodologies such as STRIDE, PASTA, or LINDDUN
  • Assist with security architecture reviews and design analysis for new and existing products
  • Standardize guidelines for documentation of data flows, trust boundaries, attack surfaces, and security controls
  • Operationalize a formal Secure Development Lifecycle with security tools and practices (e.g., SAST, DAST, SBOM, secrets scanning) into CI/CD pipelines
  • Ensure secure coding practices are followed and validated through peer reviews and automated testing
  • Support the development of secure signing, secure boot, and credential management processes
  • Provide guidance on secure coding practices and conduct security training for developers
  • Assist in the selection and configuration of security tools used in CI/CD pipelines
  • Implement and manage vulnerability tracking, CVE remediation workflows, and SBOM maintenance
  • Coordinate with Testing and DevOps teams to ensure timely patching and secure deployment practices
  • Represent R&D in incident response planning and product-related security investigations
  • Participate in security assessments, including penetration testing and third-party audits
  • Work with Product Management to establish standards for various product segments
  • Ensure compliance with relevant standards and regulations (e.g., NIST, CCPA, GDPR, EU CRA, Trust Mark)
  • Support audits, assessments, and customer security inquiries
  • Interpret evolving cybersecurity threats, regulatory changes, and industry trends to improve product security strategy
  • Analyze technical and organizational challenges across product lines and propose scalable, secure solutions
  • Collaborate with cross-functional teams to identify systemic issues and recommend best practices that align with business goals

Requirements

  • Bachelor’s degree in Cybersecurity, Computer Science, Electrical Engineering, or related field
  • 5+ years of experience in cybersecurity, with at least 2 years focused on product or embedded system security
  • Experience working in Agile/Scrum environments and familiarity with DevSecOps practices
  • Proficiency in threat modeling, secure coding, and vulnerability management
  • Hands-on experience with security tools such as SAST/DAST scanners, SBOM generators, and PKI systems
  • Familiarity with secure coding in C/C++, Python, Java, and embedded systems languages
  • Understanding of secure boot, firmware signing, and TPM-based authentication
  • Experience with embedded Linux, Yocto, and real-time operating systems (RTOS)
  • Familiarity with cloud-native security, API security, and IoT device protection
  • Strong understanding of secure software development practices and common vulnerabilities (e.g., OWASP Top 10)
  • Familiarity with CI/CD pipelines and DevSecOps practices
  • Certifications (Preferred): Certified Secure Software Lifecycle Professional (CSSLP), Certified Information Systems Security Professional (CISSP), or equivalent cybersecurity certifications
  • Strong communication and collaboration skills across technical and non-technical teams
  • Ability to lead cross-functional initiatives and drive cultural change around security
Switzerland Global Enterprise

Senior Cyber Security Engineer – Application Development

Switzerland Global Enterprise
Seniorfull-time$152k–$190k / year🇺🇸 United States
Posted: 16 days agoSource: gevernova.wd5.myworkdayjobs.com
CloudCyber SecurityLinuxPythonRTOSSDLC
Medtronic

Senior Product Security Engineer

Medtronic
Seniorfull-time$126k–$188k / yearColorado · 🇺🇸 United States
Posted: 7 days agoSource: medtronic.wd1.myworkdayjobs.com
CloudCyber SecuritySDLC
iHerb, LLC

Director of Information Security

iHerb, LLC
Leadfull-time$206k–$276k / yearCalifornia · 🇺🇸 United States
Posted: 13 days agoSource: boards.greenhouse.io
CloudCyber SecuritySDLC
GE HealthCare

Staff Software Architect – Product Security

GE HealthCare
Leadfull-timeWisconsin · 🇺🇸 United States
Posted: 23 days agoSource: gehc.wd5.myworkdayjobs.com
AWSAzureChefCloudCyber SecurityJenkinsLinuxPythonSDLCTCP/IP
P2P Labs & P2P Tech Services

Head of Cybersecurity

P2P Labs & P2P Tech Services
Leadfull-time🇵🇱 Poland
Posted: 13 days agoSource: jobs.ashbyhq.com
AWSCloudCyber SecurityGoGoogle Cloud PlatformJavaScriptKubernetesOraclePythonSDLC