01 Sep 2025
[Hiring] Product Security Engineer REMOTE USA
Position: Product Security Engineer
Date Posted: September 1, 2025
Industry: Cybersecurity / Software / eCommerce
Employment Type: Full-Time
Experience: 3+ years of technical security experience at top-tier software companies
Qualification: Computer Science / Engineering degree or equivalent professional experience
Salary: $84,957—$173,775
Location: Home, KS, United States (Remote)
Company: iHerb, LLC
Description:
- Job Summary:
We are looking for a hands-on Product Security Engineer to advance our Secure Development Lifecycle (SDL) practices, build and operate security automation, and strengthen product hardening across our services. You’ll partner with global development teams to design secure solutions, evaluate security tooling, and help the company respond to evolving threats. - Key Responsibilities:
- Drive cross-functional SDL initiatives and introduce modern, scalable security practices across product teams.
- Lead security design reviews and threat modeling for new features and existing services.
- Evaluate, prototype and operate security tooling (DAST, SAST, SCA, etc.) and integrate them into CI/CD pipelines.
- Define secure architecture standards, frameworks and patterns that span application, API and infrastructure layers.
- Monitor emerging threats, assess relevance to iHerb, and implement centralized mitigations.
- Participate in security assessments, penetration tests, and bug bounty programs.
- Contribute to incident response and help remediate findings quickly and effectively.
- Push security initiatives forward in a fast-moving environment where decisive action is required.
- Required Knowledge, Skills & Abilities:
- Solid technical foundation with a firm grasp of application and infrastructure vulnerabilities (OWASP Top 10, common CWEs).
- Proven experience implementing SDL processes, automation and tooling in a DevOps/CI-CD environment.
- Hands-on experience with large-scale web applications and microservices — API design, authentication, authorization and data protection.
- Strong problem-solving, critical thinking and written/oral communication skills.
- Experience running or supporting application security awareness programs, training, or security champions.
- Active participation in the security community (research, OSS contributions, publications) is a plus.
- Technical / Equipment Knowledge:
- Familiarity with major programming languages and frameworks such as Python, C# (.NET), JavaScript/node.js, Java, and the ability to read and reason about code.
- Experience Requirements:
- Generally requires three (3) or more years of technical security experience, ideally gained at high-caliber software companies and covering areas like threat modeling, security design, cryptography and cloud security.
- Education Requirements:
- Degree in Computer Science, Engineering or equivalent experience, with an ability to translate technical vulnerabilities into business risk.
- Compensation & Benefits:
- Competitive pay within the stated range. Eligible employees may participate in medical, dental, vision and life insurance programs, 401(k) plans, paid time off, and paid holidays.
- Selected hires may be eligible for Restricted Stock Units (RSUs) and annual bonus awards based on performance and plan eligibility. For full details on benefits, visit iHerbBenefits.com.
- Work Environment & Expectations:
- Fast-paced, dynamic setting with occasional extended hours as needed. Role may involve collaboration across office and warehouse contexts and requires strong interpersonal skills and adaptability.
- Reasonable accommodations will be provided for individuals with disabilities.
- Staffing Agency Submission Notice:
- iHerb does not accept unsolicited agency candidates. Agencies interested in being considered as suppliers should contact staffingvendors@iherb.com via the Vendor Management System and should not approach iHerb employees directly.
- About iHerb:
- iHerb’s mission is to make health and wellness accessible worldwide. As a leading eCommerce platform for supplements, personal care and grocery items, we serve customers across 180+ countries and offer a collaborative culture guided by customer focus, empowerment, entrepreneurship, diversity and simplicity. iHerb is an equal opportunity employer.
Disclaimer: The job details above are structured for clarity and based on publicly available content from recruiters/Company pages. All rights remain with the original source; names may be withheld for confidentiality. We are not involved in the hiring process.