Product Security Engineer (DevSecOps)

About The Position

Requirements

• A bachelor’s degree in information technology, Computer Science or related Engineering field is highly desirable.
• Total 2 - 4 years of relevant experience in Software Development, Coding (especially OOPS, C++ etc.), DevOps and CI/CD
• Good working knowledge of current Software Development environments, IT risks and experience implementing security solutions.
• Ability to interact with a broad cross-section of personnel to articulate and enforce security measures through internal product security program and vulnerability management processes
• Excellent written and verbal communication skills as well as business acumen
• Strong technical documentation, diagramming, and presentation skills
• Effective communication skills and goal-oriented
• Ability to work effectively within a team environment and deliver on assigned objectives
• Demonstrated collaboration skills within cross-functional environments
• Meaningful technical contributions into the development lifecycle of a product, application, and service with guidance from senior team members

Nice To Haves

• Additional advanced security qualifications such as CISSP (Certified Information Systems Security Professional) certification, CEH (Certified Ethical Hacker) or equivalent are a plus but not required
• Software Development experience in IT Applications, embedded systems / software and/or web-based applications that includes lab activities with and debugging on target hardware
• Experience with: using git and related source code management tools
• Linux kernel and networking stack including security features
• On-premises and cloud-based multi-tiered applications
• Operating system configuration of Windows, Linux, Android, and iOS
• Computer boot process including boot loaders
• Familiarity with compilers, debuggers, disassemblers, and other low-level development and analysis tools
• Circumventing security protection methods and techniques
• Reverse engineering complex systems and protocols

Responsibilities

• Participate as a Security Engineer to work in development, operations activities daily
• Support building various tools, processes for the business and for engineering teams through various software development skills and coding practices (OOPS preferred)
• Code management and maintenance through DevOps and CI/CD pipelines
• Thorough Gitlab usage and maintenance for daily activities tracking, source code management, DevOps and CI/CD
• Support internal security team efforts, cross-functional activities
• Act as a primary point of contact for regional engineering teams for secure best practices and processes
• Assist engineering teams in adopting secure development best practices and processes
• Assist in executing internal product security program and vulnerability management processes including triage and tracking closures of issues identified
• Provide support to regional and global initiatives as assigned