Product Security Engineer

10540.Software Developer 4.PRODEV.SWENG.IC4

 

You will have the opportunity to work in a cloud-scale environment using the latest security technologies/tools and collaborate with the best minds in the industry, to collectively stay ahead and respond to increasing threats to cloud services. SaaS Product Security Architecture and Assurance group actively engage in conducting security reviews and white box/grey box application security testing - complementing what the development teams do in a more holistic and more integrated setting through the security automation and tooling. This team is responsible for looking at the product security posture of SaaS service and implementation of Static Code Analysis, Dynamic App Security Testing/Fuzz Testing, Interactive / manual App security testing, facilitate automation of security verifications in CI/CD pipeline and evidence gathering for compliance audits.

This position requires product development experience, product security, application security testing and Cloud/DevSecOps experience.

 

Key Responsibilities

•           You will be part of the SaaS Product Security Assurance and Architecture group.

•           You will work with Fusion Apps and other SaaS Services development teams to review security design, identify gaps in security testing and implement scalable solutions to improve security testing

•           You will implement automated security processes and security tooling in CI/CD pipeline.

•           You will work with individual SaaS development teams to enable them with necessary tools and procedures for collecting necessary security testing evidence for PCI and other regulatory compliance audits of their respective products.

•           You will work with development teams and provide remediation guidance to address any security findings

•           You will evaluate and deploy new security tools and technologies to handle ever changing security threats landscape and support hyper-scale SaaS growth.

•           Thoroughly get involved in Central tool design and development for all current and upcoming features planned.

 

Ideal Experience

•           8 years of work experience in software development or product security and testing role.

•           Experience in security testing tools including static analysis, web application testing, software composition analysis, infrastructure and network testing, and manual security testing required, 2 years minimum preferred

•           Experience in product development or Security QA or penetration testing of Enterprise software, SaaS, IaaS or PaaS cloud services, 2 years minimum preferred

•           Experience in automating security processes and security tooling in CI/CD pipeline especially for Microservices based Cloud architecture including Containers and Kubernetes.

•           Experience with agile methodologies and DevSecOps environments

•           In depth knowledge of security vulnerabilities including a detailed understanding of the OWASP top 10, secure design and secure coding principles

•           Ability to prioritize and handle concurrent assignments or projects.

•           Excellent team player, willing to share knowledge and skills with peers and team members

•           Strong presentation, written and verbal communication skills

•           Bachelor’s degree in Computer Science or related field

•           Security certifications such as CISSP or CSSLP is a plus

!|!Design, develop, troubleshoot and debug software programs for databases, applications, tools, networks etc.

As a member of the software engineering division, you will take an active role in the definition and evolution of standard practices and procedures. You will be responsible for defining and developing software for tasks associated with the developing, designing and debugging of software applications or operating systems.

Work is non-routine and very complex, involving the application of advanced technical/business skills in area of specialization. Leading contributor individually and as a team member, providing direction and mentoring to others. BS or MS degree or equivalent experience relevant to functional area. 7 years of software engineering or related experience.!|!