logo inner

Product Security Engineer II - Partnerships

HashiCorpUnited StatesOnsite

Product Security Engineer II - Partnerships


We are looking for a Product Security Engineer to help scale our product security function, partnering closely with Research & Development teams to ensure that security is appropriately addressed across the HashiCorp suite of cloud, self-managed, and community products.Security at HashiCorp is largely a remote team. While prior experience working remotely isn't required, we are looking for team members who perform well given a high level of independence and autonomy.

About this team


The product security partnerships team is composed of security engineers working to ensure HashiCorp delivers secure software to its customers. We work closely with product engineering teams at HashiCorp, enabling them to write secure code and embed security into the development processes. We are responsible for design review, threat modeling, and code review of new features, as well as vulnerability management across our entire product portfolio.

In this role, your responsibilities will include:


  • Contribute to secure architecture and design of HashiCorp products, across our cloud, self-managed, and community product portfolio.
  • Work across various R&D teams to prioritize security features and bugs, and ensure implementation and mitigations.
  • Monitor threats and vulnerabilities impacting HashiCorp products and services; triage reported vulnerabilities, identify mitigations and assess/communicate associated risk.
  • Act as SME on multiple information security areas (e.g. security architecture, application security, threat modeling etc.)
  • Plan & execute security assessments (dynamic testing, static testing, code review, etc) and threat modeling of HashiCorp’s products, services, and associated cloud infrastructure.
  • Assist in execution of 3rd-party audits, penetration tests, and bug bounty programs.
  • Contribute to the development of security solutions across the product life-cycle, such as standalone security tools, CI/CD pipeline integrations, product security features/fixes, etc.
  • Contribute to the creation and delivery of security training.
  • Research emerging attack vectors and techniques.

We are looking for talented self-starters with 4+ years of security experience. We will consider experienced engineers with less security-specific experience but the desire to learn!

What you’ll need (basic qualifications)


Experience in some of these topic areas:

  • Secure development practices, and integration into broader engineering activities.
  • Modern engineering practices, processes, and tools, particularly related to the Go programming language and ecosystem.
  • Product and service architectures in modern, multi-tenant cloud environments (IaaS, SaaS, PaaS).
  • Amazon Web Services (AWS), Microsoft Azure, and/or Google Cloud Platform (GCP).
  • Security design / architecture and threat modeling.
  • Application and infrastructure security testing methodologies and tools.
  • Vulnerabilities (old and new), and options for defense / mitigation.
  • Product vulnerability management lifecycle.
  • Working with and/or supporting product engineering teams
  • Cryptography and cryptographic primitives

We’re looking for a candidate with strong written and verbal communication skills, knowledge of application security topics, a pragmatic approach to security, and the ability to empathize with engineers and product managers across the company.Please note, as communication is a critical aspect of how we work, a cover letter is a great way to provide a sample of how you communicate. In your cover letter, describe why you're interested in working at HashiCorp, and what draws you to this role in particular.HashiCorp embraces diversity and equal opportunity.

We are committed to building a team that represents a variety of backgrounds, perspectives, and skills. We believe the more inclusive we are, the better our company will be.#LI-REMOTEIndividual pay within the range will be determined based on job related-factors such as skills, experience, and education or training.The base pay range for this role in the SF Bay Area / NYC area is:$174,300—$205,000 USDThe base pay range for this role in California (excluding SF Bay Area), New York (excluding NYC), Seattle Metro, Denver / Boulder Metro, Washington D.C., or Maryland is:$159,700—$187,900 USDThe base pay range for this role in Colorado (excluding Denver / Boulder Metro), Illinois, Minnesota, or Washington (excluding Seattle Metro) is:$145,200—$170,800 USD

Life at HashiCorp

HashiCorp was founded by Mitchell Hashimoto and Armon Dadgar in 2012 with the goal of revolutionizing datacenter management: application development, delivery, and maintenance. The datacenter of today is very different than the datacenter of yesterday, and we think the datacenter of tomorrow is just around the corner. We're writing software to take you all the way from yesterday to today, and then safely to tomorrow and beyond. Physical, virtual, containers. Private cloud, public cloud, hybrid cloud. IaaS, PaaS, SaaS. Windows, Linux, Mac. These are just some of the choices faced when architecting a datacenter of today. And the choice is not one or the other; instead, it is often a combination of many of these. HashiCorp builds tools to ease these decisions by presenting solutions that span the gaps. Our tools manage both physical machines and virtual machines, Windows, and Linux, SaaS and IaaS, etc. And we're committed to supporting next-generation technologies, as well. HashiCorp was founded and continues to be run by the primary authors of all our core technologies powering thousands of companies worldwide. We speak at conferences and write books related to application and infrastructure management. All our foundational technologies are open source and developed openly, and have been since 2010. The Tao of HashiCorp is the foundation that guides our vision, roadmap, and product design. As you evaluate using or contributing to HashiCorp's products, it may be valuable to understand the motivations and intentions for our work. Learn more about the Tao of HashiCorp here: https://www.hashicorp.com/tao-of-hashicorp
Thrive Here & What We Value- Collaborative and Supportive Work Environment- Agile Methodologies- Customer-Centric Approach- Continuous Learning and Improvement- Innovation and Creativity- Outstanding Customer Experiences- Flexible Working Arrangements- Comprehensiveness over Point Solutions- Investment in Deployment Options
View more

Related Sub

This job belongs to these sub. Explore related roles here:
Your tracker settings

We use cookies and similar methods to recognize visitors and remember their preferences. We also use them to measure ad campaign effectiveness, target ads and analyze site traffic. To learn more about these methods, including how to disable them, view our Cookie Policy or Privacy Policy.

By tapping `Accept`, you consent to the use of these methods by us and third parties. You can always change your tracker preferences by visiting our Cookie Policy.

logo innerThatStartupJob
Discover the best startup and their job positions, all in one place.
Quick SearchSearch JobsSearch Remote Jobs hiring WorldwideSearch Remote Jobs in the USSearch Jobs in IndiaSearch Remote Jobs in UKSearch by Title
AreaCaliforniaMassachusettsNew YorkTexasVirginiaWashington D.C.View all
Popular SubRemote JobsWeb3 JobsiOS Developer JobsFront End Developer Remote JobsComputational Geometry JobsCannabis CareersView all
CompanyAbout UsContact usBlogCreditsCareersPrivacy PolicyCookie Policy
Copyright © 2025