Product Security Engineer
Boston, MA, USA·Posted today
cybersecurityinfrastructureroboticspythonaws
Sea Machines is a fast-growing startup that is leading the new high-tech sector of autonomous technology for marine vessels. We are passionate about applying practical A.I. to the massive global ocean transportation market. Our products provide ships and workboats the intelligence to work remotely and give maritime operators the tools to effectively communicate with them. Based in Boston and operating globally, the company is crewed by an experienced team of mariners, engineers, coders, and autonomy scientists. Sea Machiners get the unique opportunity to work in a very dynamic domain (the ocean world), serve and visit people and places around the planet, and solve challenges not seen in most other robotics sectors. Job Summary We are seeking a Product Security Engineer with strong networking expertise to secure our fleet of autonomous vessels and supporting infrastructure. This role owns vulnerability management, secure development practices, and network security across our distributed, remote-connected systems (VPN/mesh networking, vessel-to-shore links). Responsibilities and Duties ● Conduct vulnerability assessments and penetration testing on applications, systems, and network infrastructure ● Design, harden, and maintain network security architecture, including segmentation, VPN/mesh networks (e.g., Tailscale) and firewalls across vessel-side and cloud-side systems ● Secure and harden our AWS cloud infrastructure, including IAM policies, VPC/network configuration, and cloud-native security tooling ● Integrate and manage SAST and SCA tooling (e.g., SonarQube) into the development pipeline to catch vulnerabilities and dependency risks pre-deployment ● Build and maintain security monitoring using observability platforms such as Datadog, including alerting on anomalous network and application behavior ● Integrate security gates into CI/CD pipelines (Jenkins), working with development teams to embed security best practices into the SDLC ● Monitor and respond to security incidents and breaches, with particular attention to network-layer threats ● Develop and maintain security tools and frameworks ● Create and maintain comprehensive documentation related to security practices and protocols ● Provide security and software development support to the DevOps team. Qualifications and Skills ● Bachelor's degree in Computer Science, Cybersecurity, or a related field; Master's degree preferred ● 3+ years working in Product Security and CI/CD or software development ● Strong, demonstrable networking security experience — VPNs, routing, and firewalls ● Strong hands-on experience with AWS (IAM, VPC, cloud-native security services) ● Hands-on experience with SAST/SCA tools (SonarQube or equivalent) and integrating them into CI/CD (Jenkins or equivalent) ● Experience with observability/monitoring platforms (Datadog or equivalent) for security use cases ● Deep understanding of software-security principles and cloud-infrastructure security ● Strong knowledge of security protocols, cryptography, secure coding practices, and OAuth/auth protocols ● Experience with security tools such as IDS/IPS, firewalls, and vulnerability scanners ● Proficiency in programming languages such as Python, Java, C++, or similar ● Proficiency in common operating systems (Linux, Windows) and deep familiarity with networking protocols ● Understanding of compliance and security frameworks (e.g., CMMC, CIS Benchmarks) ● Excellent problem-solving skills and attention to detail ● Strong communication skills and ability to work collaboratively across teams ● Comfortable with a fast-paced development schedule ● Experience collaborating with other functional teams to define requirements and goals. ● Comfortable with a fast-paced development schedule Job Type: Full-time Benefits: 401(k) Dental insurance Disability insurance Flexible spending account Health insurance Life insurance Paid time off Parental leave Vision insurance