Product Security Engineer

Hi All

Please find the below requirement

Role : Product Security Engineer

Experience : 9 Years

Visa : GC & USC

Location : Santa Clara CA(Onsite)

Contract: 6 months

Technical Program Manager Information Security

Key Responsibilities

• Partner with various stake holder groups to promote and build a culture of security and ensure products are designed and built securely.

• Partner with Product Engineering Legal and Information Security teams to ensure security & compliance objectives are identified and tracked to completion.

• Partner with product teams across Applied to identify and implement security requirements into their respective product development activities.

• Creating and driving the project schedule working with BU security champions and managing schedule progress; from large phases through to detailed tasks including understanding and managing dependencies within and across Product Groups

• Work with a global team to help implement and monitor security controls to proactively identify product security issues

• Ability to interpret security tools and penetration testing results to stakeholders and provide advice on vulnerability remediation and risk mitigation

• Should have good understanding of DevSecOps concepts/principles and cloud native services to enable secure development and deployment of applications in the Cloud

• Work with Information Security and Information Technology teams to build & maintain controls to manage varied risks including application and cyber risks

• Work across teams to develop and define project/program information security metrics & dashboards.

Qualification

• Bachelors degree or equivalent experience in Security

• Minimum 6 to 8 years of experience in Application and/or product security

• Knowledge of regulatory guidelines and standards such as ISO27001 SEMI Standards etc.

• A thorough understanding of common application security tools code libraries and documentation.

• Understanding of threat modeling security vulnerabilities attacker exploit techniques and methods for their remediation.

• Familiarity with the tools for various security activities: Static Code Analysis DAST Penetration Testing Intrusion Detection/Prevention etc.

• Experience in performing source code review

• Working knowledge of one scripting language and or familiarity with at least one software programming language and a framework is a plus

• Excellent written and verbal communication skills with the ability to adapt messaging to executive technical and nontechnical audiences.

• Certification in any security area is a plus

• Experience working with manufacturing equipment or industrial equipment is a plus

• Experience working in semiconductor industry is a plus

For any submission please share copy of DL Visa Last 4 digits of SSN Birthday and birth month and LinkedIn profile link.

Thanks

Product Security,web application penetration testing,performing source code review