Product Security Engineer

Product Security Engineer

Full-Time 60000 - 80000 £ / year (est.) No working from home possible
A

At a Glance

  • Tasks: Secure our innovative SaaS product and collaborate with engineering teams to enhance security practices.
  • Company: Join Action1, a fast-growing tech company trusted by Fortune 500 firms.
  • Benefits: Enjoy fully remote work, high ownership, and direct impact on security practices.
  • Other info: Be part of a supportive team that values continuous learning and practical decision-making.
  • Why this job: Make a real difference in cybersecurity while working with cutting-edge technology.
  • Qualifications: 3+ years in product security or related fields, strong software engineering skills.

The predicted salary is between 60000 - 80000 £ per year.

Action1 is an autonomous endpoint management platform trusted by many Fortune 500 companies. Cloud-native, infinitely scalable, highly secure, and configurable in minutes—it just works and is always free for the first 200 endpoints with no functional limits. By pioneering autonomous OS and third-party patching with peer-to-peer patch distribution and real-time vulnerability assessment without requiring a VPN, Action1 eliminates routine IT labor, helps prevent ransomware and security risks, and protects the digital employee experience. In 2025, Action1 was recognized by Inc. 5000 as the fastest-growing private software company in America.

The Role

We are looking for a Product Security Engineer to join the team responsible for securing Action1’s multi-tenant SaaS product. In this role, you will work closely with engineering, product, and security teams to identify risks early, support vulnerability handling, improve secure development practices, and help make product security practical, clear, and actionable. This is a hands‑on role for someone who understands both software engineering and cybersecurity, enjoys working directly with developers, and wants to help build security into the product without slowing teams down unnecessarily.

What you’ll do

  • Support PSIRT and vulnerability handling activities
  • Validate, triage, track, and coordinate security reports
  • Provide practical remediation guidance to engineering teams
  • Help validate security fixes and reduce product security risks
  • Review code, APIs, and architecture to identify security issues early
  • Conduct threat modeling and security design reviews
  • Improve security automation in engineering workflows
  • Support SAST, SCA, secrets scanning, and other security controls
  • Maintain SBOMs, dependency visibility, and remediation follow-up
  • Support security assessments, vulnerability assessments, and penetration testing
  • Maintain vulnerability handling playbooks, product security procedures, and incident response runbooks

What we’re looking for

  • 3+ years of experience in product security, application security, DevSecOps, or a related cybersecurity field
  • Strong software engineering background and ability to work effectively with engineering teams
  • Understanding of application, API, infrastructure, and software supply chain security risks
  • Experience applying cloud security concepts and practices
  • Understanding of IAM, network security, logging, monitoring, and secure cloud architecture patterns
  • Familiarity with vulnerability management, incident response, security assessments, and secure SDLC practices
  • Experience with threat modeling and security design reviews
  • Strong communication skills, including professional communication with external researchers and vendors
  • Ability to work independently and as part of a team in a fast‑moving environment

Nice to have

  • Genuine interest in cybersecurity and motivation to grow as a product security expert
  • Hands‑on experience with AWS security controls, best practices, and architecture patterns
  • Hands‑on experience with C++ or JavaScript
  • Experience with security testing and automation using scripting, APIs, CI/CD pipelines, or specialized tools
  • Experience with threat modeling for SaaS, API, cloud, or on‑prem product components
  • Experience with SBOM generation, dependency visibility, or software supply chain security

What we offer

  • Fully remote work environment
  • Opportunity to work on a real security product used by IT and security teams
  • High ownership and direct impact on product security practices
  • Close collaboration with engineering, product, and security teams
  • Fast-growing software company with low bureaucracy and practical decision‑making
  • Opportunity to improve security processes, automation, and engineering workflows
  • Supportive team that values clear thinking, ownership, and continuous learning

Product Security Engineer employer: Action1 Corporation

Action1 is an exceptional employer, offering a fully remote work environment that empowers Product Security Engineers to make a tangible impact on a cutting-edge security product used by Fortune 500 companies. With a strong emphasis on collaboration, ownership, and continuous learning, employees are encouraged to innovate and improve security processes in a fast-growing company that values practical decision-making and low bureaucracy.

A

Contact Details:

Action1 Corporation Recruitment Team

We think you need these skills to ace Product Security Engineer

Product Security
Application Security
DevSecOps
Software Engineering
Cloud Security
IAM (Identity and Access Management)
Network Security