Product Security Engineer
Описание вакансии
Product Security Engineer
Action1, Serbia or remote
Action1 is an autonomous endpoint management platform trusted by many Fortune 500 companies. Cloud-native, infinitely scalable, highly secure, and configurable in minutes—it just works and is always free for the first 200 endpoints with no functional limits.
Support PSIRT and vulnerability handling activities
Validate, triage, track, and coordinate security reports
Provide practical remediation guidance to engineering teams
Help validate security fixes and reduce product security risks
Review code, APIs, and architecture to identify security issues early
Conduct threat modeling and security design reviews
Improve security automation in engineering workflows
Support SAST, SCA, secrets scanning, and other security controls
Maintain SBOMs, dependency visibility, and remediation follow-up
3+ years of experience in product security, application security, DevSecOps, or a related cybersecurity field
Strong software engineering background and ability to work effectively with engineering teams
Understanding of application, API, infrastructure, and software supply chain security risks
Experience applying cloud security concepts and practices
Understanding of IAM, network security, logging, monitoring, and secure cloud architecture patterns
Familiarity with vulnerability management, incident response, security assessments, and secure SDLC practices
Fully remote work environment
Opportunity to work on a real security product used by IT and security teams
High ownership and direct impact on product security practices
Close collaboration with engineering, product, and security teams
Fast-growing software company with low bureaucracy and practical decision-making
Opportunity to improve security processes, automation, and engineering workflows
Supportive team that values clear thinking, ownership, and continuous learning