Senior Product Security Engineer
4 weeks ago
Job Description :
Responsibilities :
Secure Development Lifecycle (SDLC) Integration :
- Serve as a security advocate and partner to development teams, providing guidance on secure coding practices, threat modeling, and security testing.
- Conduct security design reviews and threat modeling sessions for new and existing features and products.
- Work with engineering teams to prioritize and remediate security vulnerabilities found through various sources (e.g., SAST, DAST, penetration tests).
Security Tooling and Automation :
- Evaluate, implement, and manage a suite of application security tools, including Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), and Software Composition Analysis (SCA).
- Integrate security tools and processes into the CI/CD pipeline to automate security checks and provide rapid feedback to developers.
- Develop custom scripts and tools to automate security tasks and improve the efficiency of our AppSec program.
Vulnerability Management and Remediation :
- Perform code reviews to identify and address security vulnerabilities.
- Manage our bug bounty program and coordinate with external researchers.
- Conduct hands-on penetration testing and vulnerability assessments of our applications and APIs.
- Provide expert guidance on remediation strategies and track vulnerabilities to closure.
Security Research and Education :
- Stay up-to-date with the latest security threats, vulnerabilities, and industry best practices.
- Research and evaluate new security technologies and methodologies.
- Develop and deliver security training and workshops for engineers and other stakeholders.
- Create and maintain security documentation, including secure coding guidelines and threat models.
Qualifications :
Experience : 6- 8 years of experience in application security, product security, or a related cybersecurity role.
Technical Skills :
- Deep understanding of the OWASP Top 10, CWE, and other common web application security vulnerabilities.
- Expertise in at least one major programming language (e.g., Python, Go, Java, Ruby, Node.js) and familiarity with others.
- Hands-on experience with security testing tools (e.g., Burp Suite, Zap, Nmap, Metasploit).
- Strong knowledge of authentication and authorization protocols (e.g., OAuth2, OpenID Connect, SAML).
- Experience with cloud platforms (e.g., AWS, GCP, Azure) and associated security services.
- Proficiency with CI/CD pipelines (e.g., GitLab CI, Jenkins, GitHub Actions).
- Experience with containerization and orchestration technologies (e.g., Docker, Kubernetes).
Soft Skills :
- Excellent written and verbal communication skills, with the ability to articulate complex security concepts to both technical and non-technical audiences.
- Strong analytical and problem-solving skills.
- Ability to work independently and as part of a cross-functional team.
- Proactive, curious, and a lifelong learner.
Bonus Points :
- Relevant industry certifications (e.g., CISSP, OSCP, GWEB, GWAPT).
- Experience in a B2B SaaS or consumer-facing product company.
- Contributions to open-source security projects or a personal security blog.
- Experience with bug bounty programs as either a researcher or a program manager.
(ref:hirist.tech)-
Product Security Engineer
4 days ago
Hyderabad, Telangana, India Atlas Consolidated PTE Ltd Full time US$ 1,20,000 - US$ 2,00,000 per yearAbout AtlasHello and welcomeAtlas Consolidated Pte Ltd. owns and operates two brands: Hugosave, a B2C consumer finance app, and HugoHub, a B2B Banking as a Service platform. Atlas is Headquartered in Singapore.HugosaveHugosave is a personal financial management application that puts saving first. Our initial market is Singapore, but regional and global...
-
Senior Security Engineer
4 weeks ago
Hyderabad, Telangana, India Dew Software Full timeWe are looking for a passionate and experienced Senior Security Engineer to join our team. The ideal candidate will have a strong technical background in cybersecurity, with hands-on experience managing modern security platforms and building scalable security automation solutions. You will be responsible for developing, implementing, and maintaining security...
-
Principal Product Security Engineer
2 weeks ago
Hyderabad, Telangana, India Medtronic Full time US$ 1,50,000 - US$ 2,00,000 per yearAt Medtronic you can begin a life-long career of exploration and innovation, while helping champion healthcare access and equity for all. You'll lead with purpose, breaking down barriers to innovation in a more connected, compassionate world.A Day in the LifeWe value what makes you unique. Be a part of a company that thinks differently to solve problems,...
-
Senior Product Security Analyst
3 weeks ago
Hyderabad, Telangana, India GE Vernova Full timeJob DescriptionJob Description SummaryWe are looking for an Sr Product Security Analyst, with a focus in vulnerability management and incident response capability. In this role you will work in a team to identify, risk rate, communicate and track product vulnerabilities and be a part of the product incident response team.Job DescriptionRoles and...
-
Cyber Security Engineer
3 weeks ago
Hyderabad, Telangana, India People Prime World Wide Full timeAbout client : It is a world leader in fire & life safety solutions tailored for complex commercial facilities to homes. Through iconic, industry-defining brands including Kidde, Kidde Commercial, Edwards, GST, Badger, Gloria and Aritech, we provide residential and commercial customers with advanced solutions and services to protect people and property in a...
-
Senior Network Security Engineer
2 weeks ago
Hyderabad, Telangana, India Eficens Systems Full timeJob Title : Senior Network & Security Engineer Experience Required : 5+ years of experience Job Type: Full Time Location : Hyderabad ROLES & RESPONSIBILITIES: 1. Configuring virtual Network & Security Devices as required and analyzing the device configurations. 2. Research the security aspects of Networking and come up with...
-
Engineering Manager
4 weeks ago
Hyderabad, Telangana, India Aqua Security Full timeJob DescriptionWe are looking for a talented Engineering Manager who is innovative, passionate, and enthusiast to join our top-notch team.We are building a state of the art security platform for large enterprises in the exciting and innovative new field of software containers. Our systems are deployed on thousands of customer servers around the world. A...
-
Product Security Engineer
4 weeks ago
Hyderabad, Telangana, India ServiceNow Full timeCompany Description It all started in sunny San Diego California in 2004 when a visionary engineer Fred Luddy saw the potential to transform how we work Fast forward to today - ServiceNow stands as a global market leader bringing innovative AI-enhanced technology to over 8 100 customers including 85 of the Fortune 500 Our intelligent cloud-based...
-
Sr Product Security Engineer, App Security
3 days ago
Hyderabad, Telangana, India ServiceNow Full time US$ 1,50,000 - US$ 2,00,000 per yearCompany Description It all started in sunny San Diego, California in 2004 when a visionary engineer, Fred Luddy, saw the potential to transform how we work. Fast forward to today — ServiceNow stands as a global market leader, bringing innovative AI-enhanced technology to over 8,100 customers, including 85% of the Fortune 500. Our intelligent cloud-based...
-
Cyber Security Engineer
2 weeks ago
Hyderabad, Telangana, India Go IT Builders Software Solutions Full timeWe are looking for a Principle/Senior Product Security Engineer located in Hyderabad. The ideal candidate will have the following experience/skillsets but not limited to:Previous experience as a developer preferred "Not a pen tester"Deep understanding of Application securityDeep understanding of securing CI/CD pipelinesExperience with Cloud to include...
