Sr Associate, Product Security Engineer
Sr Associate, Product Security Engineer
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
Job Description
- Support threat intelligence solutions and prioritization of vulnerabilities for remediation.
- Develop capabilities through gap analysis process enhancements and automation tool integration across product lifecycle
- Evaluate and propose remediation strategies based on software tool analysis findings
- Establish effective collaboration with crossfunctional teams throughout product development
- Assist in risk analysis security gap assessment and recommendation of cuttingedge solutions
- Facilitate creation of comprehensive security process documentation for leadership and stakeholders
- Deliver intelligence insights for security patch management of operating systems and thirdparty software
- Collaborate with development teams to craft solutions for existing security challenges
- Liaise with stakeholders regarding identified vulnerabilities and proposed remediation approaches
- Assist with incident response processes and PSIRT activities when addressing identified security events
- Deliver support for penetration testing activities and resulting reports
- Partner closely with the Threat Intelligence Manager and support personnel to advance product security initiatives and deliverables
- Execute/support annual risk assessments of marketdeployed products; document and quantify findings relay results to development teams
- Facilitate annual penetration tests as assigned develop or assess final reports
- Master SBOM generation using various tools and scripts; become an authority in utilizing and analyzing results
- Assess security updates for potential impacts on marketdeployed products and track emerging vulnerabilities
- Compose and/or evaluate patching and update communications for customers and coordinate distribution
- Ready software for SAST DAST and fuzzing evaluations; analyze and document results formulate remediation strategies
- Deploy image hardening protocols including implementation of DISA STIGs
- Compile product risk summaries for semiannual stakeholder reporting
- Engage with external vendors develop/modify/communicate host module requirements and ensure vendor accountability for deliverables
Bachelors degree in Computer Science or related field; or 4 years of equivalent professional experience
Proficiency in Microsoft development environment scripting particularly PowerShell
Knowledge of Windows OS services processes driver configurations registry settings and analysis methodologies
Understanding of Windows and Linux cybersecurity configurations
Experience with security tools including SAST DAST SBOM network forensics tools fuzzing and standard penetration testing applications
Networking expertise
Familiarity with Microsoft Visual Studio ADO or comparable integrated development environments (IDEs) Capacity to follow instructions identify challenges recommend solutions and deliver highquality results on schedule
Understanding of Software Development Lifecycle Management (SDLC) methodologies (Agile/Scrum iterative)
Strong interpersonal and communication abilities to cultivate positive relationships across departments in virtual remote and asynchronous work environments
ATTENTION: Current Alcon Employee/Contingent Worker
If you are currently an active employee/contingent worker at Alcon please click the appropriate link below to apply on the Internal Career site.
Find Jobs for Contingent Worker
Alcon is an Equal Opportunity Employer and takes pride in maintaining a diverse environment. We do not discriminate in recruitment hiring training promotion or other employment practices for reasons of race color religion gender national origin age sexual orientation gender identity marital status disability or any other reason.
Required Experience:
Senior IC
Employment Type
Full-Time
