Product Security Engineer, Principal

9 Months ago • 7 Years +

Job Summary

Job Description

As a Product Security Engineer, Principal, you will be responsible for implementing security policies, conducting risk assessments, and performing vulnerability testing. You will conduct design and architecture reviews, threat modeling, and secure code reviews to ensure strong security measures. You will provide technical guidance to engineering teams, manage security vulnerability resolution, and respond to security incidents promptly. Collaboration with internal and external security professionals is also crucial. Staying updated on emerging threats and improving security processes are essential. You will serve as a subject matter expert on information security.

Must have:

Security Policy Implementation
Security Engineering & Assurance
Technical Expertise in Security areas
Engineering Initiatives for infrastructure
Experience with security operations systems
Knowledge of Business Application security
Applying Cryptography for security
Software Security engineering best practices
Authentication, authorization, and network security protocols
Linux OS system security
Windows OS system security
Knowledge of secure software development practices
Knowledge of Machine Learning practices

Good to have:

Industry certifications like CISSP, CISA, CEH, or GSEC

Perks:

Competitive remuneration package
Employee Stock Purchase Plan Enrollment
30 days of earned leave
An extra day off for your birthday
Various other leaves like marriage leave, casual leave, maternity, and paternity leave
Premium Group Medical Insurance for employees and five dependents, personal accident insurance coverage, life insurance coverage
Professional development reimbursement
Interest subsidy on loans - either vehicle or personal loans

4 skills required

4 skills required for this role

Add these skills to join the top 1% applicants for this job

linux

incident-response

cryptography

communication

Job Details

We are Progress (Nasdaq: PRGS) - the experienced, trusted provider of products designed with customers in mind so they can develop the applications they need, deploy where and how they want, and manage it all safely and securely.  

We’re proud to have a diverse, global team where we value the individual and enrich our culture by considering varied perspectives because we believe people power progress. Join us as a Product Security Engineer, Principal and help us do what we do best: propelling business forward. 

In this role you will:

Security Policy Implementation: Implement and enforce security policy requirements, conduct risk assessments, and conduct vulnerability testing.
Security Engineering & Assurance: The Security Engineering & Assurance role involves conducting design and architecture reviews, threat modeling, secure code reviews, and cryptographic reviews to ensure robust security measures. Additionally, the position supports the open source ecosystem, engages in platform security engineering, and augments internal security engineering efforts. The role also includes research and development activities, particularly in compilers and binary translation research, to advance security technologies and practices.
Technical Expertise: Provide technical direction to engineering teams on various security areas, including network security, platform security, authentication/authorization systems, application security, and security frameworks.
Engineering Initiatives: Take leadership of security engineering initiatives for production and corporate infrastructure.
Subject Matter Expertise: Serve as an information security engineering subject matter expert, analyze attacks on customer applications from internal and external sources, proposing mitigations and fixes.
Incident Management: Manage security vulnerability resolution according to company policies. This requires immediate response and working with affected teams to investigate and mitigate/remediate the vulnerabilities. Clear communication skills are critical.
Real-Time Response: Ensure timely and effective responses to security incidents. This involves coordinating with incident response teams, analyzing threat data, and implementing mitigation measures.
Continuous Improvement: Stay informed about emerging threats and lead changes to security processes accordingly. Regularly assess and propose changes, that lead to improving the effectiveness of security operations.
Collaboration: Work closely with other internal and customer security professionals, including network engineers, system administrators, and threat analysts.

Your background:

Bachelor’s or equivalent industry experience in Software Engineering, Information Security, or related fields.
Business Application security patterns
Choosing and applying Cryptography for confidentiality, integrity, and availability
Software Security engineering best practices
Authentication, authorization, and network security protocols
Linux OS system security features and best practices
Windows OS system security features and best practices
Knowledge of secure software development practices across distributed, container, and private/public cloud computing environments
Familiarity with network security devices, and security software product solutions.
Knowledge of Machine Learning practices on creating the standards against which ML (and AI) projects using Large Language Models & RAG can be reviewed, and creating tools and techniques that help researchers assure the safety and security of the systems.
7+ years of experience with security operations systems (e.g., IDS, SIEM, anti-virus log collection systems).
Certifications: Industry certifications like CISSP, CISA, CEH, or GSEC are desirable.

If this sounds like you and fits your experience and career goals, we’d be happy to chat. What we offer in return is the opportunity to experience a great company culture with wonderful colleagues to learn from and collaborate with and also to enjoy:

Compensation

Competitive remuneration package
Employee Stock Purchase Plan Enrollment

Vacation, Family, and Health

30 days of earned leave
An extra day off for your birthday
Various other leaves like marriage leave, casual leave, maternity, and paternity leave
Premium Group Medical Insurance for employees and five dependents, personal accident insurance coverage, life insurance coverage
Professional development reimbursement 
Interest subsidy on loans - either vehicle or personal loans

Apply now!

#LI-SR1

#LI-Hybrid