Product Security Lead Engineer

Job Description WHAT YOU DO AT AMD CHANGES EVERYTHING At AMD, our mission is to build great products that accelerate next-generation computing experiences - from AI and data centers, to PCs, gaming and embedded systems. Grounded in a culture of innovation and collaboration, we believe real progress comes from bold ideas, human ingenuity and a shared passion to create something extraordinary. When you join AMD, you'll discover the real differentiator is our culture. We push the limits of innovation to solve the world's most important challengesstriving for execution excellence, while being direct, humble, collaborative, and inclusive of diverse perspectives. Join us as we shape the future of AI and beyond. Together, we advance your career. Product Security Lead Engineer Job Description As a Product Security Engineer, you will be responsible for ensuring the security of our software products throughout their lifecycle. You will work closely with development teams to integrate security best practices into the software development process and address potential vulnerabilities. Key Responsibilities - Serve as the engineering representative focused on security for internal stakeholders. - Develop, implement, and advance security testing methodologies, including penetration testing and vulnerability assessments. - Perform threat modeling and risk assessments to identify potential vulnerabilities in software applications. - Monitor and analyze security incidents, providing recommendations for remediation and prevention. - Stay current with industry trends, emerging threats, and security technologies. - Conduct security training and awareness sessions for development teams. - Conduct security code reviews and static/dynamic analysis to identify and remediate security flaws. Qualifications - Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field. - 10-12 years of experience in software security engineering or a related field, with a focus on application security. - Proficiency in scripting languages (especially Python). - Familiarity with secure coding practices. - Strong knowledge of security principles, practices, and frameworks (e.g., OWASP, NIST, etc.). - Experience with security tools such as BlackDuck, SonarQube, and Coverity. - Strong understanding of CI/CD pipelines, Github integration, and creating automation frameworks for SDLC. - Familiarity with the software development life cycle (SDLC) and agile methodologies. - Excellent analytical, problem-solving, and communication skills. - Ability to work collaboratively in a fast-paced environment and manage multiple priorities. - Ability to evaluate and score Common Vulnerabilities and Exposures (CVEs). Preferred Qualifications - Certifications such as Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), or similar. - Familiarity with product security concepts, including Secure Boot, FIPS compliance, etc. - Experience contributing to CVEs. Benefits offered are described: AMD benefits at a glance. AMD does not accept unsolicited resumes from headhunters, recruitment agencies, or fee-based recruitment services. AMD and its subsidiaries are equal opportunity, inclusive employers and will consider all applicants without regard to age, ancestry, color, marital status, medical condition, mental or physical disability, national origin, race, religion, political and/or third-party affiliation, sex, pregnancy, sexual orientation, gender identity, military or veteran status, or any other characteristic protected by law. We encourage applications from all qualified candidates and will accommodate applicants needs under the respective laws throughout all stages of the recruitment and selection process.