Skip to main content
Back to jobs

Staff Product Security Engineer

External
Renesaselectronics logoRenesaselectronics · Cambridge, UK
Full-timeOn-site1w ago
Application SecurityAWSCI/CDIoTOWASPPenetration Testing
Cover LetterConnect

Prepare for this interview

Elite

AI-generated questions, company research, and talking points tailored to this role

Responsibilities

  • Security Regression Testing Design and maintain security regression test suites covering critical application flows
  • Ensure vulnerabilities, once fixed, are permanently prevented from recurring
  • Integrate security regression into CI/CD pipelines
  • Define coverage targets for security-critical areas (auth, access control, APIs, data flows)
  • Threat Modeling Lead structured threat modeling sessions for: Existing system components
  • New features and architectural changes
  • Identify attack surfaces, abuse cases, and trust boundaries
  • Translate threats into: Test cases
  • Security requirements
  • Mitigation plans
  • Ensure threat modeling becomes a continuous lifecycle activity
  • Offensive Security / Red Team Activities Perform manual and automated security testing simulating real attacker behavior
  • Focus on high-impact vulnerabilities, not theoretical findings
  • Validate exploitability and business impact
  • Partner with engineering teams to: Reproduce issues
  • Prioritize fixes
  • Validate remediation
  • OWASP Top 10-Driven Vulnerability Discovery Continuously assess the platform against OWASP Top 10 categories
  • Use deep product knowledge to find non-obvious, context-specific vulnerabilities
  • Go beyond tooling (DAST/SAST) to uncover logic flaws and abuse paths
  • Security Assurance for Product Changes Review new features and changes for security risks
  • Ensure all changes are: Threat-modeled
  • Covered by regression tests
  • Act as a security gatekeeper without becoming a bottleneck: Enable teams with guidance and tooling
  • Avoid heavy process overhead
  • Collaboration & Enablement Work closely with: Engineering teams
  • Architecture
  • SRE / Platform teams
  • Contribute to secure-by-design practices
  • Support developers in understanding and fixing vulnerabilities
  • Help scale security through: Reusable patterns
  • Automation
  • Security guidance
  • Required Qualifications
  • 5+ years in Application / Product Security
  • Bachelor's Degree or equivalent of 12 years of work experience
  • Strong hands-on experience in: Web application security testing
  • API security
  • Threat modeling methodologies
  • Deep understanding of OWASP Top 10
  • Experience with: Manual penetration testing
  • Security regression testing
  • CI/CD security integration
  • Ability to identify business logic vulnerabilities
  • Strong understanding of: Authentication, authorization, and session management
  • Multi-tenant architectures
  • Cloud-native systems

Requirements

  • Experience in SaaS / multi-tenant platforms
  • Familiarity with: Bug bounty programs
  • Red teaming
  • Security automation frameworks
  • Knowledge of: AWS
  • Identity systems and federation (SSO, MFA)
  • Background in software engineering (ability to read/write code)
  • At Renesas, you can:
  • Launch and advance your career in technical and business roles across four Product Groups and various corporate functions. You will have the opportunities to explore our hardware and software capabilities and try new things.
  • Make a real impact by developing innovative products and solutions to meet our global customers' evolving needs and help make people's lives easier, safe and secure.
  • Maximize your performance and wellbeing in our flexible and inclusive work environment. Our people-first culture and global support system,

Benefits

Flexible schedule

Additional Information

Why A365 Software Engineering? Build the cloud platform that's transforming electronics design. Altium 365 for cloud lets design engineers communicate, collaborate and bring their ideas to market more efficiently than any platform in the industry. We are looking for a Senior Product Security Engineer to extend our Product Security capability with a strong focus on continuous vulnerability discovery and prevention. This role is responsible for: Building and executing security regression testing Driving threat modeling across existing and new functionality Conducting targeted offensive security activities (Red Team-style testing) Identifying real vulnerabilities based on a deep understanding of our platform and the OWASP Top 10 Web Application Security Risks The goal is simple: ensure that both existing functionality and new changes remain secure over time, and that real vulnerabilities are discovered before customers do.

Your Match

How well this role fits your profile.

Company Intel

What employees say

Worked at Renesaselectronics? Share your experience

Interested in this role?

Apply on the company's website.

Cover LetterConnect