At a Glance
- Tasks: Support secure product development and assist in vulnerability management.
- Company: Join Sonos, a leader in creating the ultimate listening experience.
- Benefits: Enjoy a collaborative office environment and opportunities for professional growth.
- Why this job: Be part of a dynamic team focused on cybersecurity and product innovation.
- Qualifications: Bachelor's degree in Computer Science or Cyber Security; internships welcome.
- Other info: This role is office-based in Glasgow, requiring in-person collaboration.
The predicted salary is between 30000 - 42000 £ per year.
Join to apply for the Junior Product Security Engineer role at Sonos, Inc.
At Sonos we want to create the ultimate listening experience for our customers and know that it starts by listening to each other. As part of the Sonos team, you’ll collaborate with people of all styles, skill sets, and backgrounds to realize our vision while fostering a community where everyone feels included and empowered to do the best work of their lives.
This role is located on-site at our Glasgow office
This position is office-based, meaning regular in-person collaboration or use of office equipment is essential to maximize effectiveness for this team and/or position. Qualified applicants must live within commuting distance of our Glasgow office location and should expect to be in office a minimum of 4 days per week.
At Sonos, our Product Security Vision is to protect our products by implementing proven security practices and leveraging expertise to create experiences that both delight our customers and safeguard them and their information from cyber threats.
We are seeking a highly motivated and detail-oriented Junior Product Security Engineer to join our growing Product Security team. This role is a vital component of our product security strategy, providing essential operational support to our Product Security team and contributing significantly to the overall stability and long-term scalability of our Product Security program.
You will play a key role in our efforts to ensure Sonos products meet evolving global cybersecurity regulations, assist in embedding security throughout our development lifecycle, and help build a robust foundation for future product security expertise at Sonos.
What You’ll Do
As a Junior Product Security Engineer, you will:
- Support Secure Product Development:
- Assist in creating and improving secure software development practices, helping to identify and mitigate common security flaws (e.g., OWASP Top 10 vulnerabilities) in web applications, mobile, and IoT devices.
- Help ensure the proper implementation of authentication and authorization mechanisms, encryption fundamentals, and secure communication protocols like TLS/SSL.
- Support threat modeling exercises (e.g., using STRIDE or DREAD methodologies) to identify potential security risks in system designs.
- Gain hands-on experience with common security tools and technologies such as static analysis (SAST), dynamic scanning (DAST), and security testing frameworks.
- Assist in streamlining vulnerability remediation processes, tracking defect status, and facilitating vulnerability information flow to development teams.
- Learn and support Product Security Incident Response Team (PSIRT) processes, including vulnerability management, security advisory creation, and coordinated disclosure procedures.
- Assist the team with documentation, evidence collection, and maintaining accurate records for product software, services, and data compliance (e.g., for EU CRA, UK PSTI Act, EU RED Delegated Act, GDPR, CCPA).
- Conduct targeted research on emerging regulations, industry best practices, and new security technologies to support compliance efforts.
- Learn from senior team members and external experts, developing a strong foundational understanding of product security, regulatory compliance (GRC principles), and incident response.
- Assist in the coordination of the "security champions" program by preparing materials, tracking engagement, and supporting training initiatives.
Basic Qualifications
We are looking for an enthusiastic and detail-oriented individual with a strong foundational understanding of cybersecurity and a keen interest in growing a career in product security.
Education & Certifications:
- Bachelor's degree in Computer Science, Cyber Security, or a related technical field.
- Relevant security certifications (e.g., CompTIA Security+, CySA+) are a plus.
Experience:
- Minimum of 0-2 years of experience in security, IT, or related technical fields, including valuable internships or academic projects focusing on cybersecurity.
- Experience with secure software development practices and an understanding of OWASP Top 10 vulnerabilities with the ability to identify common security flaws in web applications, mobile, and IoT devices.
- Basic knowledge of programming languages (Python, C++, Java, or JavaScript) and familiarity with code review processes.
- Basic understanding of cloud security concepts and familiarity with major cloud platforms (AWS, Azure, or GCP).
- Familiarity with Product Security Incident Response Team (PSIRT) processes, including vulnerability management.
- Knowledge of compliance frameworks (such as SOC 2, ISO 27001, or GDPR) and/or experience participating in security assessments or audits is a plus.
Skills:
- Foundational Technical Skills: Solid understanding of authentication and authorization mechanisms, encryption fundamentals, and secure communication protocols like TLS/SSL.
- Security Tool Familiarity: Familiarity with common security tools and technologies such as static analysis tools, dynamic scanning tools, and security testing frameworks.
- Threat Modeling: Basic understanding of threat modeling methodologies (such as STRIDE or DREAD) and interest in participating in threat modeling exercises.
- Research & Documentation: Strong ability to conduct thorough research, organize information logically, and produce clear, accurate documentation.
- Attention to Detail: Meticulous approach to managing data, tracking vulnerabilities, and maintaining compliance evidence, critical for audit readiness.
- Learning Agility: Enthusiastic, proactive, and quick to learn new technical concepts, security tools, complex regulatory frameworks, and internal processes.
- Communication: Good verbal and written communication skills for effective internal collaboration and information sharing.
Visa Sponsorship: Sonos is unable to sponsor or take over sponsorship of an employment visa for this role at this time. We ask that applicants be authorized to work for any UK employer, both now and in the future.
Your profile will be reviewed and you'll hear from us once we have an update. At Sonos we take the time to hire right and appreciate your patience.
- Seniority level: Internship
- Employment type: Full-time
- Job function: Information Technology
- Industries: Computers and Electronics Manufacturing
Junior Product Security Engineer employer: Sonos, Inc.
Contact Detail:
Sonos, Inc. Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Junior Product Security Engineer
✨Tip Number 1
Familiarise yourself with the OWASP Top 10 vulnerabilities, as this knowledge is crucial for the Junior Product Security Engineer role. Consider creating a personal project or contributing to open-source projects that focus on secure software development practices to demonstrate your understanding.
✨Tip Number 2
Gain hands-on experience with security tools like static analysis and dynamic scanning tools. You can do this by setting up a lab environment at home where you can practice using these tools on sample applications to showcase your skills during interviews.
✨Tip Number 3
Engage with the cybersecurity community through forums, webinars, or local meetups. Networking with professionals in the field can provide insights into the latest trends and may even lead to referrals for job openings at Sonos.
✨Tip Number 4
Stay updated on emerging regulations and compliance frameworks relevant to product security. This could involve following industry news, subscribing to relevant newsletters, or taking online courses to enhance your knowledge, which will be beneficial in your role at Sonos.
Some tips for your application 🫡
Tailor Your CV: Make sure your CV highlights relevant experience and skills that align with the Junior Product Security Engineer role. Focus on any projects or internships related to cybersecurity, secure software development practices, and familiarity with security tools.
Craft a Compelling Cover Letter: Write a cover letter that showcases your enthusiasm for the role and the company. Mention specific aspects of Sonos that resonate with you, such as their commitment to security and innovation in product development.
Highlight Relevant Skills: In your application, emphasise your foundational understanding of cybersecurity concepts, programming languages, and any experience with threat modelling or compliance frameworks. This will demonstrate your readiness for the role.
Proofread Your Application: Before submitting, carefully proofread your CV and cover letter for any spelling or grammatical errors. A polished application reflects attention to detail, which is crucial for a role in product security.
How to prepare for a job interview at Sonos, Inc.
✨Understand the Role
Make sure you thoroughly understand the responsibilities of a Junior Product Security Engineer. Familiarise yourself with secure software development practices, OWASP Top 10 vulnerabilities, and the importance of compliance regulations like GDPR. This knowledge will help you answer questions confidently.
✨Showcase Your Technical Skills
Be prepared to discuss your foundational technical skills, such as your understanding of authentication mechanisms, encryption fundamentals, and secure communication protocols. If you have experience with programming languages or security tools, be ready to share specific examples of how you've used them.
✨Demonstrate Learning Agility
Highlight your enthusiasm for learning and adapting to new technologies and security practices. Share instances where you've quickly picked up new concepts or tools, as this role requires a proactive approach to staying updated in the fast-evolving field of cybersecurity.
✨Prepare for Scenario-Based Questions
Expect scenario-based questions that assess your problem-solving skills in real-world situations. Practice articulating how you would approach threat modelling exercises or vulnerability management processes, using methodologies like STRIDE or DREAD to demonstrate your understanding.