Senior Specialist I - Product Security & Privacy

3 Months ago • 7-12 Years • Product

Job Summary

Job Description

This role focuses on ensuring security and privacy are integrated into the product development lifecycle. The Senior Specialist will work with architects and engineering teams to review designs and specifications for security considerations. Responsibilities include performing security testing, analyzing applications for risks, and creating test cases. They will also guide development teams in fixing vulnerabilities, and the role may involve security automation and various testing tools and methodologies. This role ensures a secure software development lifecycle.
Must have:
  • Experience in Application Security Testing (7-12 years).
  • Understanding of common code review methods and standards.
  • Experience with static analysis tools.
  • Knowledge of standard Secure Development Life Cycle practices.
  • Experience with Kubernetes, Amazon Elastic Kubernetes Service (Amazon EKS) security testing is a plus.
  • Experience with tools like Burp Suite Pro, HP WebInspect/IBM AppScan/Acunetix and open source tools like Burp, OWASP ZAP, CSRF Tester, etc.
  • Experience with Open Web Application Security Project (OWASP) standards, Open Source Security Testing Methodology Manual (OSSTMM) methodologies
  • Knowledge in cloud & Big data application security testing
Good to have:
  • Experience in security automation framework development or a scripting language is a plus.
  • Sufficient understanding of, or exposure to, testing applications on the following technologies will be helpful: REST API, Web Application, Kubernetes, Amazon Elastic Kubernetes Service (Amazon EKS), Encryption, Data storage for SQL, Oracle etc., AWS
  • Good to have CEH certification
  • Good to have source code review experience
  • Good to know Python coding and Security Automation

Job Details

Job Title

Senior Specialist I - Product Security & Privacy

Job Description

This role, embedded in the product development life cycle, will ensure that Secured by Design, Privacy by Design and Threat modelling aspects are carried out as part of the Secured Software Development Life Cycle.

Individuals in this role will engage with Architects, Technical leads and R&D Engineering & Development teams to ensure that security and privacy considerations are addressed well in advance during the product development cycle. They will review the High-level design, Low-level design and System specification documentation for security considerations and sign them off before development happens.

They also collaborate with architects to arrive at appropriate security solutions balancing the security risks and the business impact.

Specific job responsibilities include:

  • This is an individual contributor role. As part of the larger Security and Privacy team, the Application Security Engineer.
  • Perform comprehensive Dynamic Application Security Testing (DAST)
  • Understand and analyze the applications from a security point of view.
  • Understand the application security risks and Threat modelling of applications.
  • Good to have source code review experience.
  • Create and execute the corresponding security test cases to verify that the mitigations are properly implemented in the application.
  • Able to guide and support development teams to fix the security vulnerabilities in the code.
  • Good to know Python coding and Security Automation.

Technical skills and experience:

  • Preferred Experience:

  • 7 - 12 years of work experience in Application Security Testing
  • Understanding and familiarity with common code review methods and standards.
  • Experience with static analysis tools (e.g., GitHub Advanced Security, IBM AppScan Source, HP Fortify, Synopsys Black Duck)
  • Experience in security automation framework development or a scripting language is a plus.
  • Knowledge of standard Secure Development Life Cycle practices.
  • Experience with Kubernetes, Amazon Elastic Kubernetes Service (Amazon EKS) security testing is a plus.
  • Research and pilot new services / technologies to support secure software development
  • Experience with tools like Burp Suite Pro, HP WebInspect/IBM AppScan/Acunetix and open source tools like Burp, OWASP ZAP, CSRF Tester, etc.
  • Experience with Open Web Application Security Project (OWASP) standards, Open Source Security Testing Methodology Manual (OSSTMM) methodologies
  • Knowledge in cloud & Big data application security testing
  • Sufficient understanding of, or exposure to, testing applications on the following technologies will be helpful:
    REST API
    Web Application
    Kubernetes, Amazon Elastic Kubernetes Service (Amazon EKS)
    Encryption
    Data storage for SQL, Oracle etc.
    AWS

Education

• Bachelor's degree in a technical stream required (BE, ME, MS, MCA)

• Degree or concentration in Computer Science, Information Systems, Information Security or similar preferred.

Good to have CEH certification

About The Company

At Philips, we believe that every human matters. As a global health-tech leader, we focus on improving people’s health and wellbeing through meaningful innovation. The people who work here share our passion and are motivated to bring this purpose to life. For more than 130 years, we have been creating technologies and innovations that improve people's lives and support healthcare practitioners. Headquartered in the Netherlands and operating in more than 100 countries globally, we focus our advanced technology and deep clinical and consumer insights on Precision Diagnosis, Image Guided Therapy, Enterprise Informatics, Monitoring/Connected Care, Sleep & Respiratory Care and Personal Health. Together, we deliver better care for more people because we believe that every human matters.
