Product Security Engineer

Essential Responsibilities

  • Assess applications and products for security vulnerabilities and design flaws
  • Evaluate security vulnerabilities and prioritize remediation efforts
  • Provide technical guidance to developers on secure coding practices
  • Develop secure code practices and provide hands-on training to development teams
  • Evaluate and improve application security tools and processes
  • Research latest security best practices, staying current on new vulnerabilities and threats

Knowledge and Skills Required:
  • Security experience across web, mobile and client server applications
  • Experience performing automated security testing using static and dynamic scanning tools
  • Experience performing manual code reviews and penetration testing
  • Knowledge of applicable industry standards, leading security practices and regulatory requirements
  • Deep understanding of cryptography, authentication, authorization, network security protocols

and web application security
  • Strong exposure to popular application security standards including OWASP TOP 10, SANS TOP 25 etc.
  • Proficiency with at least one of the following programming languages: Java, .Net, C, C++, PHP
  • Strong interpersonal skills as well as excellent written and verbal communication skills
  • Uncompromising personal and professional integrity and ethics

Desired Skills and Experience
  • Security professional certifications preferred (such as CEH, CISSP, CSSLP, GPEN, GWAPT, OCSP)
  • Technology industry experience

Education and Experience Required:
  • Undergraduate degree in computer science, engineering or related field
  • At least 4 years of product security experience in a large enterprise
  • Prior software development background is preferred

Back to top