Senior Product Security Engineer (m/w/d)
Job Description
Senior Product Security Engineer (m/w/d)
Vusion is looking for an experienced product security engineer with focus on IoT devices. Your mission will be to strengthen security and privacy as a competitive advantage across our cloud-connected products, devices, and services. You will shape secure architecture for one of the fastest-growing connected hardware companies in the world, work across device, gateway, and cloud platforms, and help scale security for a global customer base.
Responsibilities
- Define and drive the strategy for product security, privacy and compliance across Vusion cloud platforms, devices and product lines in collaboration with engineering and legal teams
- Lead threat modelling, security architecture reviews, and security-by-design practices for cloud, gateway, and device solutions.
- Discover, triage and prioritize vulnerabilities via code reviews, fuzzing, static analysis and penetration testing
- Design and improve security controls for connected products, including secure provisioning, PKI and certificate lifecycle management, secrets management, secure boot, firmware signing, and OTA integrity
- Work closely with engineering teams to remediate vulnerabilities found internally or reported by researchers and help drive durable fixes
- Establish and review security monitoring, audit logging, periodic assessments, and control effectiveness across services and products
- Evaluate new security tools, services, and architectural patterns to ensure Vusion uses state-of-the-art security technologies in a pragmatic way
Qualifications
- Bachelor’s degree in computer science, cybersecurity, network engineering, or a related field, or equivalent work experience
- 7+ years of experience in product security, security architecture, and/or cloud security, ideally in IoT or cloud-connected device environments.
- Hands-on experience with IoT platforms, large-scale distributed systems, and cloud-connected client-server architectures.
- Defining production procedures from defining Secure boots, keys provisioning, signing production data, signing SW and FW images, certificate and key management
- Experience with threat modelling, secure SDLC practices, SAST/DAST/SCA, SBOMs, vulnerability management, and remediation of penetration test findings.
- Prior privacy and compliance experience with frameworks such as GDPR, ISO 27001, SOC 2, and the EU Cyber Resilience Act.
- Relevant security certifications such as CSSLP, CCSP, CISSP, or AZ-500 are a plus.
- Excellent communication skills, with the ability to articulate a compelling security vision and educate teams on secure design and common vulnerability classes.
- Self-motivation, strong problem-solving skills, and a passion for staying current with modern security tools, infrastructure, and industry best practices.
We feel supported. You will too.
VusionGroup is a place where people feel safe, happy, and respected. We offer programs and benefits to support you in whatever comes next in your life, including:
Pay: Competitive pay and shareholder equity (VusionGroup to add pay, based on state requirements or if relevant)
Schedule: A flexible, hybrid work schedule
Health Benefits: Company Doctor
- 🎒 Company merch and presents
- 💻 Notebook (can also be used privately)
- 🚏 Good public transport connections w/ financial support
- ⏲️ Flexible working hours
- 🏡 Home Office
- 🩳 No dresscode / casual style
- 💸 No All-In contract
- ⛹️ Team Events
- 🚤 Beautiful Mur in walking distance
- ♿️ Accessibility
- 🚲 Bicycle parking
- 🍽️ Canteen with different meals and financial assistance
- 🥙 Nearby kebab
- 🥝 Fresh fruits
- ☕️ Coffee, tea, water, …
- 🔌 Electric charging station
- 🧳 Airport Graz nearby
- 🗺️ Multiculturality – Hanging out with colleagues from all around the world
A minimum basic salary of EUR 3.954,00 gross per month for full-time employment applies to the advertised position with a willingness to pay depending on the actual qualifications.