Senior Specialist I - Product Security & Privacy

9 Minutes ago • 7-12 Years

Job Summary

Job Description

This role focuses on ensuring security and privacy are integrated into the product development lifecycle. The Senior Specialist will work with architects and engineering teams to review designs and specifications for security considerations. Responsibilities include performing security testing, analyzing applications for risks, and creating test cases. They will also guide development teams in fixing vulnerabilities; the role may involve security automation and various testing tools and methodologies. This role ensures a secure software development lifecycle.
Must have:
  • Experience in Application Security Testing (7-12 years).
  • Understanding of common code review methods and standards.
  • Experience with static analysis tools.
  • Knowledge of standard Secure Development Life Cycle practices.
  • Experience with Kubernetes, Amazon Elastic Kubernetes Service (Amazon EKS) security testing is a plus.
  • Experience with tools such as Burp Suite Pro, HP WebInspect/IBM AppScan/Acunetix, and open source tools such as Burp, OWASP ZAP, CSRF Tester, etc.
  • Experience with Open Web Application Security Project (OWASP) standards, Open Source Security Testing Methodology Manual (OSSTMM) methodologies
  • Knowledge in cloud & Big data application security testing
Good to have:
  • Experience in Security automation framework development or scripting language is a plus.
  • Sufficient understanding of or exposure to testing applications on the following technologies will be helpful: REST API, Web Application, Kubernetes, Amazon Elastic Kubernetes Service (Amazon EKS), Encryption, Data storage for SQL, Oracle etc., AWS
  • Good to have CEH certification
  • Good to have source code review experience
  • Good to know Python coding and Security Automation

Job Details

Job Title

Senior Specialist I - Product Security & Privacy

Job Description

This role, embedded in the product development life cycle, will ensure that Secured by Design, Privacy by Design and Threat modelling aspects are carried out as part of the Secured Software Development Life Cycle.

Individuals in this role will engage with Architects, Technical leads and R&D Engineering & Development teams to ensure that security and privacy considerations are addressed well in advance during the product development cycle. They will review the high-level design, low-level design and system specification documentation for security considerations and sign them off before development happens.

They also collaborate with architects to arrive at appropriate security solutions balancing the security risks and the business impact.

Specific job responsibilities include:

  • This is an individual contributor role. As part of the larger Security and Privacy team, the Application Security Engineer.
  • Perform comprehensive Dynamic Application Security Testing (DAST).
  • Understand and analyze the applications from a security point of view.
  • Understand the application security risks and Threat modelling of applications.
  • Good to have source code review experience.
  • Create and execute the corresponding security test cases to verify that the mitigations are properly implemented in the application.
  • Able to guide and support development teams to fix the security vulnerabilities in the code.
  • Good to know Python coding and Security Automation.

Technical skills and experience:

  • Preferred Experience:

  • 7 - 12 years of work experience in Application Security Testing
  • Understanding and familiarity with common code review methods and standards.
  • Experience with static analysis tools (e.g., GitHub Advanced Security, IBM AppScan Source, HP Fortify, Synopsys Black Duck)
  • Experience in Security automation framework development or scripting language is a plus.
  • Knowledge of standard Secure Development Life Cycle practices.
  • Experience with Kubernetes, Amazon Elastic Kubernetes Service (Amazon EKS) security testing is a plus.
  • Research and pilot new services / technologies to support secure software development
  • Experience with tools such as Burp Suite Pro, HP WebInspect/IBM AppScan/Acunetix, and open source tools such as Burp, OWASP ZAP, CSRF Tester, etc.
  • Experience with Open Web Application Security Project (OWASP) standards, Open Source Security Testing Methodology Manual (OSSTMM) methodologies
  • Knowledge in cloud & Big data application security testing
  • Sufficient understanding of or exposure to testing applications on the following technologies will be helpful:
    REST API
    Web Application
    Kubernetes, Amazon Elastic Kubernetes Service (Amazon EKS)
    Encryption
    Data storage for SQL, Oracle etc.
    AWS

Education

• Bachelor's degree in a technical stream required (BE, ME, MS, MCA)

• Degree or concentration in Computer Science, Information Systems, Information Security or similar preferred.

Good to have CEH certification

About The Company

Over the past decade we have transformed into a focused leader in health technology.

At Philips, our purpose is to improve people’s health and well-being through meaningful innovation. We aim to improve 2.5 billion lives per year by 2030, including 400 million in underserved communities.

We see healthcare as a connected whole. Helping people to live healthily and prevent disease. Giving clinicians the tools they need to make a precision diagnosis and deliver personalized treatment. Aiding the patient's recovery at home in the community. All supported by a seamless flow of data.

As a technology company, we – and our brand licensees – innovate for people with one consistent belief: there’s always a way to make life better.


Visit our website: http://www.philips.com/
Follow our social media house rules https://www.philips.com/a-w/about-philips/social-media.html
