StaffProductSecurityEngineer

Why A365 Software Engineering? Build the cloud platform that’s transforming electronics design. Altium 365 for cloud lets design engineers communicate, collaborate and bring their ideas to market more efficiently than any platform in the industry. We are looking for a Senior Product Security Engineer to extend our Product Security capability with a strong focus on continuous vulnerability discovery and prevention. This role is responsible for: * Building and executing security regression testing * Driving threat modeling across existing and new functionality * Conducting targeted offensive security activities (Red Team–style testing) * Identifying real vulnerabilities based on a deep understanding of our platform and the OWASP Top 10 Web Application Security Risks The goal is simple: ensure that both existing functionality and new changes remain secure over time, and that real vulnerabilities are discovered before customers do. Key Responsibilities * Security Regression Testing * Design and maintain security regression test suites covering critical application flows * Ensure vulnerabilities, once fixed, are permanently prevented from recurring * Integrate security regression into CI/CD pipelines * Define coverage targets for security-critical areas (auth, access control, APIs, data flows) * Threat Modeling * Lead structured threat modeling sessions for: * Existing system components * New features and architectural changes * Identify attack surfaces, abuse cases, and trust boundaries * Translate threats into: * Test cases * Security requirements * Mitigation plans * Ensure threat modeling becomes a continuous lifecycle activity * Offensive Security / Red Team Activities * Perform manual and automated security testing simulating real attacker behavior * Focus on high-impact vulnerabilities, not theoretical findings * Validate exploitability and business impact * Partner with engineering teams to: * Reproduce issues * Prioritize fixes * Validate remediation * OWASP Top