HARMAN's engineers and designers are creative, purposeful and agile. As part of this team, you'll combine your technical expertise with innovative ideas to help drive cutting-edge solutions in the car, enterprise and connected ecosystem. Every day you will push the boundaries of creative design, and HARMAN is committed to providing you with the opportunities, innovative technologies and resources to build a successful career.
A Career at HARMAN
As a technology leader that is rapidly on the move, HARMAN is filled with people who are focused on making life better. Innovation, inclusivity and teamwork are a part of our DNA. When you add that to the challenges we take on and solve together, you'll discover that at HARMAN you can grow, make a difference and be proud of the work you do every day.
About the Role
The Principal Security Engineer for Application Security plays a pivotal role in ensuring the security and integrity of our Software Products as we handle applications and sensitive data for Automotive OEMs. If you have a passion for securing applications and systems, possess the required qualifications and are driven to tackle complex security challenges, we welcome you to join our team.
Your Team
The Application Security Expert role will report to the Head of Cyber Security for Software Products.
What You Will Do
- Our customers' security culture is of critical importance, as we are delivering software to numerous Automotive OEMs on a daily basis. The successful candidate will face a multitude of security-related challenges and will be responsible for implementing Secure Software Development Lifecycle (SSDLC) processes, owning security tasks, guiding development teams, analyzing penetration tests and managing vulnerabilities.
- Additionally, the candidate shall be responsible for application security reviews and work closely with the development teams across the Software Products business unit.
- The candidate shall also have extensive expertise in product security solutions, application/API security, database security, infrastructure vulnerability assessment and management, OWASP, SAST, DAST, and vulnerability assessment and penetration testing (VAPT) services for applications (white/gray/black box concepts of penetration testing and corresponding tools).
- The job entails planning and tracking of tasks for the product and project in order to achieve the timely delivery of committed services to the customer.
What You Need
- Candidate should be a graduate or postgraduate with one of the following: B.Tech/B.E/M.Tech or equivalent.
- Candidate should have a minimum of 15 years of experience in the relevant security domain, with a minimum of 10 years of cloud security, vulnerability assessment and pen testing experience in application security and backend cloud application security.
- At least 2 years of proven experience as a software security engineer demonstrating a strong background in application security.
- Profound knowledge of all stages of the Secure SDLC process.
- Deep expertise in authentication, authorization, applied cryptography, security vulnerabilities and remediation techniques.
- Collaborate with development teams to consistently implement and enforce the Secure SDLC process, ensuring security is embedded throughout the software development lifecycle.
- Review the existing system security measures and propose and implement enhancements to strengthen our security posture.
- Conduct post-event analysis of security incidents and implement necessary improvements to prevent future occurrences.
- Lead vulnerability management efforts, including analyzing customer penetration test reports and vulnerability reports and overseeing remediation efforts.
- Implement, test and operate advanced software security techniques in alignment with a technical reference architecture.
- Conduct ongoing security testing and code reviews to enhance the security of our software solutions.
- Troubleshoot and debug security-related issues that may arise during development or production phases.
- Provide engineering designs for new software solutions, ensuring they are fortified against security vulnerabilities.
- Contribute to architectural decisions with a strong focus on security considerations.
- Maintain comprehensive technical documentation related to security measures and processes.
- Offer guidance and training to team members on secure coding practices and security best practices.
What is Nice to Have
- Hands-on software development experience in one or more of the following core languages: Java, and optionally C and C.
- Familiarity with web-related technologies, including Web applications, Web Services and various network protocols.
What Makes You Eligible
- Be willing to travel up to 25% (domestic and international travel)
What We Offer
- Flexible work environment
- Access to employee discounts on world-class Harman and Samsung products (JBL, HARMAN Kardon, AKG, etc.)
- Extensive training opportunities through our own HARMAN University
- Competitive wellness benefits
- Access to HARMAN Campus Fitness Center and Cafeteria.
HARMAN is proud to be an Equal Opportunity / Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, gender (including pregnancy, childbirth or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics.
Required Experience:
Staff IC