Product Security Expert

 Posted 2 hours ago
  
 Worldwide
  
2-5 years experience
Apply Now

Please mention DailyRemote when applying

AI Summary

The role involves triaging security findings from ASPM tools and classifying vulnerabilities across SAST, SCA, and CSPM categories. Additionally, the expert will develop risk-based testing strategies and maintain automated test suites using Playwright and Selenium.

This is a remote position.

We are looking for a Product Security Engineer to join our team and support vulnerability triage, risk-based testing, and test automation initiatives across modern cloud-based platforms.

In this role, you will focus on identifying, classifying, and validating security findings while contributing to a robust testing strategy and automation framework. You will work closely with internal teams using asynchronous communication and apply both analytical and exploratory approaches to ensure high-quality software delivery.

The role combines application security, vulnerability assessment, and quality assurance, with a strong focus on structured analysis, automation, and cloud environments.

Responsibilities:
Review and triage security findings from ASPM tools
Classify findings as true positive, false positive, or requires additional context
Document classification rationale using standardized templates
Maintain and organize findings backlog per product
Flag ambiguous or unclear findings for further review
Work across multiple vulnerability categories:
SAST (code-level vulnerabilities)
SCA (dependency and transitive risks)
Secret detection (credentials exposure)
CSPM (Azure cloud misconfigurations)

Develop and refine a risk-based testing strategy
Apply exploratory testing techniques for complex and high-risk scenarios
Validate end-to-end business flows from a user perspective

Build and maintain automated test suites using:
Playwright (TypeScript) for new tests
Selenium (C#) for existing legacy tests

Support migration from Selenium to Playwright over time
Collaborate with the team to ensure scalable and maintainable test architecture

Leverage AI tools to accelerate:
Test design
Test data generation
Automated test development

Continuously improve QA processes based on:
Production incidents
User feedback
System logs and analytics

Requirements:
BSc or MSc in Computer Science, Engineering, or a related field
Experience with vulnerability assessment and security concepts (OWASP Top 10 level)
Familiarity with Azure cloud services
Ability to read and understand code (e.g., .NET/C#, JavaScript/TypeScript, Python)
Understanding of dependency scanning and transitive dependencies
Experience with test automation frameworks (Playwright and/or Selenium)
Strong attention to detail and structured work approach
Ability to work independently with asynchronous communication
Fluency in written English

Hands-on experience with:
ASPM / SAST / SCA tools
Test automation frameworks (Playwright, Selenium)
Exploratory and risk-based testing strategies

Nice-to-have:
Experience with tools such as:
Snyk
Checkmarx
Semgrep
SonarQube
Aikido
Wiz
OX or similar

Experience using AI tools for triaging and test automation

Strong communication skills
Analytical mindset with a focus on accuracy over speed
Ability to balance security, quality, and business priorities
Collaborative and proactive attitude

If this sounds like you, share your CV with us and let’s talk.



Similar Jobs

See all Remote Others jobs →

Personalize your Remote Job Search in 3 Easy Steps!

Discover remote opportunities in Others

Answer easy questions

Answer easy questions

200,000+ jobs across 15+ categories

Get your best job matches

Get your best job matches

Only hand-screened, legit jobs

Find a remote job faster

Find a remote job faster

No ads, scams, or junk

I was the first applicant for a remote marketing position that got listed on the company website the same day I applied. Had an interview within 48 hours!

Sarah J. — Sarah J. · Marketing Manager ★★★★★ Verified