Senior Product Security Analyst
Senior Product Security Analyst
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
Job Description
Job Description Summary
We are looking for an Sr Product Security Analyst with a focus in vulnerability management and incident response this role you will work in a team to identify risk rate communicate and track product vulnerabilities and be a part of the product incident response team.Job Description
Roles and Responsibilities
In this role you will:
Be able to scope and participate in hardware and software penetration tests vulnerability identification and vulnerability risk assessment
Engage in incident response methods lead incident response processes related to product cyber
Create and track meaningful metrics around product cyber risk and compensating controls
Create vulnerability and incident trend analysis to improve product design
Maintain cyber Bills of Material and conduct proactive vulnerability monitoring and assessment on cyber components
Engage and administer End Of Life processes for digital products
Consult architect on security requirements and utilize best practices to meet them
Engage in application and domain-specific threat modeling and attack surface analysis/reduction
Help prepare reports at appropriate levels of confidentiality for stakeholders to view
Responding promptly and in detail to customer-sponsored penetration tests
Provides guidance on automated testing tools and techniques
Education Qualification
For roles outside USA:
Bachelors Degree in Computer Science or STEM Majors (Science Technology Engineering and Math) with advanced experience.
For roles in USA:Bachelors Degree in Computer Science or STEM Majors (Science Technology Engineering and Math) with minimum years of experience4years
Desired CharacteristicsTechnical Expertise:
Experience with cyber security framework (NIST 800-53 ISO 27001 IEC 62443 etc.) implementation and governance
Program and Project Management experience; expertise with Agile development teams
Experience with secure coding principles; code signing; secure boot
Experience with penetration testing and ethical hacking
Knowledge of CI/CD and automation tools (Chef Git Jenkins)
Knowledge of Identity management and identity federation (SAML Oauth SCIM XACML)
Experienced in developing web services (SOAP/REST)
Must be available for on call for potential security response
Knowledge of application risk identification and evaluation techniques
Knowledge of Cyber Security and full knowledge of multiple related engineering functions
Experience securing applications within cloud platforms such as AWS Azure and alike.
Experience with broad set of information security technologies and processes within a SaaS IaaS PaaS or cloud environment
Note
Note:
To comply with US immigration and other legal requirements it is necessary to specify the minimum number of years experience required for any role based within the USA. For roles outside of the USA to ensure compliance with applicable legislation the JDs should focus on the substantive level of experience required for the role and a minimum number of years should NOT be used.
This Job Description is intended to provide a high level guide to the role. However it is not intended to amend or otherwise restrict/expand the duties required from each individual employee as set out in their respective employment contract and/or as otherwise agreed between an employee and their manager.
Additional Information
Relocation Assistance Provided: No
Required Experience:
Senior IC
Employment Type
Full-Time
