Sr. Product Security Engineer

TP-Link Systems•Irvine, CA

5d•$140,000 - $190,000

About The Position

TP-Link Systems Inc. is seeking a skilled and proactive Sr. Product Security Engineer to play a critical role in defining and driving the security architecture and design for the company’s network equipment and smart home product lines. This position will ensure that all products are secure by design, meeting the highest industry standards while addressing emerging threats in a rapidly evolving landscape. You will collaborate closely with cross-functional teams, including engineering, product management, and operations, to embed security into the entire product lifecycle.

Requirements

Bachelor’s degree in Computer Science, Cybersecurity, or a related field. Master’s degree preferred.
8+ years of experience in product security, security architecture, or equivalent roles.
Proven track record in designing and implementing security architectures for IoT or embedded systems.
Experience working with network equipment or smart home product manufacturers is highly desirable.
Deep understanding of secure software development, cryptography, and hardware security principles.
Proficient in threat modeling, risk assessment, and security testing tools.
Strong knowledge of regulatory requirements and industry standards (e.g., OWASP, CSA, NIST, EN 303 645).
Hands-on experience with cloud-connected devices, IoT protocols (e.g., MQTT, CoAP), and embedded systems security.

Nice To Haves

Relevant certifications, such as CSSLP, CISSP, or SABSA.
Experience with SBOM (Software Bill of Materials) management and related tools.
Familiarity with Zero Trust Architecture principles and application to product security.

Responsibilities

Security Architecture Design and Review: Partner with the engineering, product management, and operations teams on the development and implementation of security architecture strategies for network equipment and smart home products.
Collaborate with engineering teams to ensure security is integrated into product designs from concept to deployment.
Conduct architecture reviews, threat modeling, and security assessments to identify and mitigate risks.
Secure Development Lifecycle (SDLC) Leadership: Establish and enforce secure coding practices and design principles across all product development teams.
Partner with development teams to integrate security tools and processes into CI/CD pipelines.
Define and manage security requirements to ensure compliance with regulatory and industry standards (e.g., EU-CRA, GDPR, NIST CSF, ISO 27001).
Emerging Threats and Technology Trends: Stay informed about new attack vectors, vulnerabilities, and security technologies relevant to IoT, smart home, and networking products.
Provide expert guidance on addressing emerging threats and integrating innovative security solutions.
Support incident response teams during product-related security incidents and postmortems.
Product Security Governance: Develop and enforce policies and standards for secure product design and development.
Define and maintain a security architecture framework, ensuring consistency across all product lines.
Partner with leadership to define key security metrics and report on the product security posture.