Celestica
Cybersecurity Lead - Product Security (Network Hardware & OS)
About This Role
Responsibilities
- Lead the integration of security gates into the product development lifecycle for network hardware and OS software. Enforce the standardized SDLC policy and ensure threat modeling (using frameworks like STRIDE or PASTA) is conducted during the design phase of every new product release.
- Direct the security hardening of the network operating system. Define and enforce baseline configurations to ensure the OS is resistant to tampering, implementing controls such as secure boot, kernel hardening, and restricted shell access.
- Orchestrate the "Standardizing Dynamic Testing and Vulnerability Management" initiative for product software.
- Oversee the implementation of Static Application Security Testing (SAST) using tools like Snyk in the CI/CD pipeline and establish a Dynamic Application Security Testing (DAST) framework to identify runtime vulnerabilities.
- Architect product features that support Zero Trust environments. Ensure network products support granular micro-segmentation capabilities and robust identity integration, moving away from local authentication to centralized, MFA-ready administrative access.
- Manage the product vulnerability lifecycle. Establish Service Level Agreements (SLAs) for remediating findings identified during penetration testing and DAST scans, ensuring no critical vulnerabilities ship to production.
- Ensure all product cryptographic implementations align with the "IT Encryption & Cryptography Policy", mandating AES-256 standards. Validate the security of implemented network protocols (BGP, OSPF, SSH, TLS) against industry best practices.
Requirements
- Threat Modeling: Mastery of threat modeling methodologies (STRIDE, PASTA) to identify design flaws early in the development cycle.
- Hardening: Expert knowledge of OS hardening standards (CIS Benchmarks, NIST) and how to apply them to custom hardware platforms.
- Cryptography: Solid understanding of applied cryptography (PKI, TLS, AES, secure boot chains).
- Zero Trust: Ability to translate "Zero Trust" concepts into concrete product features (e.g., API security, mutual TLS).
- Innovator: A proactive problem-solver who can balance security requirements with product performance and time-to-market constraints.
- Technical Authority: Capable of earning the respect of hardware engineers and kernel developers through deep technical competence.
- Detail-Oriented: Rigorous in validating that "Secure by Design" is not just a slogan, but a documented and tested reality.
- Product Security: 8–10 years of experience in product security, specifically focusing on network hardware (switches, routers, gateways) or embedded systems.
- Software Development: Strong background in C/C++, Go, or Python, with experience developing or securing Network Operating Systems (e.g., SONiC, Linux-based embedded OS).
- Network Architecture: Deep expertise in network protocols (L2/L3, TCP/IP, VLANs, VXLAN) and network security technologies (Firewalls, ACLs, 802.1X).
- AppSec Tooling: Proven experience implementing SAST/DAST pipelines (e.g., Snyk, Coverity, Burp Suite) and managing vulnerability disclosure programs.
- Education: Bachelor's degree in IT, Networking, or a related field (equivalent experience accepted).
- Certifications: Check Point CCSE (highly preferred), CompTIA Security+, or Cisco CCNP Security.
About Celestica
Celestica is a global leader in high-reliability design, manufacturing, and supply chain solutions for electronics. Founded in 1994 in Toronto, Canada, the company became independent in 1996 and went public in 1998. With a strong presence across North America, Europe, and Asia, Celestica operates manufacturing facilities and design centers in key locations including China, Mexico, and the United States. The company offers end-to-end solutions that cover the entire product lifecycle. Their services include high-reliability design, electronics manufacturing, and global supply chain management. Celestica specializes in sectors such as aerospace, defense, healthcare, and communications, providing sophisticated electronics assemblies and networking systems. With a commitment to quality and engineering excellence, Celestica has built strong partnerships with top brands, positioning itself as a trusted partner in delivering complex technology products.
Security at Celestica
Compiled from public job postings, careers pages, and company materials. Data may not reflect current state — verify during interviews.
Security Philosophy
- Celestica's AppSec philosophy centers on the adoption of 'Secure by Design' principles and the standardization of security testing.
- They prioritize a structured approach to risk through formal threat modeling frameworks and the establishment of clear remediation SLAs to ensure business context is integrated into security operations.
Security Team
- The AppSec and Product Security functions report to the Global Head of IT Security.
- The team includes specialized roles such as a Cybersecurity Lead for Product Security, a Red Team Lead (Senior Manager), and an Incident Response Manager.
- Recent hiring activity as of March 2026 shows active recruitment for leadership positions in these domains.
Key Initiatives
Key initiatives include the integration of automated security compliance checks into CI/CD pipelines and the execution of continuous control validation programs. The team is also focused on operational metrics, specifically tracking 'Time to Detect' and 'Time to Remediate,' and conducting purple team exercises and threat hunts.