Principal Product Security Engineer

Hyderabad - India

Monthly Salary: Not Disclosed

Posted on: 30+ days ago

Vacancies: 1 Vacancy

Job Summary

Key Responsibilities:

Lead and execute cybersecurity activities across product and device domains including incident response vulnerability assessment and mitigation.
Conduct product-level intrusion detection and develop threat models (e.g. STRIDE).
Collaborate with R&D teams on risk assessments and define product/system-wide security controls.
Support regulatory compliance managing deliverables and aligning with international cybersecurity standards.
Evaluate and test security risks across the development lifecycle including post-market products.
Perform penetration testing fuzz testing static/dynamic code analysis across cloud web and enterprise solutions.
Maintain and update security documentation requirements and processes.
Drive initiatives for cybersecurity certifications and emerging standards.

Must-Have Qualifications:

Bachelors/Masters in Computer Science Computer/Electrical Engineering or related field.
CISSP or equivalent certification or proven cybersecurity expertise.
Strong experience in embedded device vulnerability assessment threat modeling and risk scoring.
12 years total experience with 4 years dedicated to cybersecurity.
Proficiency in programming (C C Python Go Ruby or Scala).
Hands-on experience in penetration testing (black/gray/white box) fuzz testing static code analysis.
Knowledge of cybersecurity principles risk management incident response and regulated industry compliance (medical devices preferred).

Nice-to-Have:

Experience in application architecture reviews cloud security and enterprise/network infrastructure security.
Familiarity with mobile app security large-scale application security and container technologies (Docker Kubernetes etc.).
Proficiency in log/event management tools (Splunk Sentinel etc.).
OS-level expertise (Linux Windows Android iOS).
Exposure to Agile methodologies.
Experience in healthcare or other regulated industries.
Strong communication analytical and stakeholder management skills.

Key Responsibilities: Lead and execute cybersecurity activities across product and device domains including incident response vulnerability assessment and mitigation. Conduct product-level intrusion detection and develop threat models (e.g. STRIDE). Collaborate with R&D teams on risk assessmen...

Key Responsibilities:

Lead and execute cybersecurity activities across product and device domains including incident response vulnerability assessment and mitigation.
Conduct product-level intrusion detection and develop threat models (e.g. STRIDE).
Collaborate with R&D teams on risk assessments and define product/system-wide security controls.
Support regulatory compliance managing deliverables and aligning with international cybersecurity standards.
Evaluate and test security risks across the development lifecycle including post-market products.
Perform penetration testing fuzz testing static/dynamic code analysis across cloud web and enterprise solutions.
Maintain and update security documentation requirements and processes.
Drive initiatives for cybersecurity certifications and emerging standards.

Must-Have Qualifications:

Bachelors/Masters in Computer Science Computer/Electrical Engineering or related field.
CISSP or equivalent certification or proven cybersecurity expertise.
Strong experience in embedded device vulnerability assessment threat modeling and risk scoring.
12 years total experience with 4 years dedicated to cybersecurity.
Proficiency in programming (C C Python Go Ruby or Scala).
Hands-on experience in penetration testing (black/gray/white box) fuzz testing static code analysis.
Knowledge of cybersecurity principles risk management incident response and regulated industry compliance (medical devices preferred).

Nice-to-Have:

Experience in application architecture reviews cloud security and enterprise/network infrastructure security.
Familiarity with mobile app security large-scale application security and container technologies (Docker Kubernetes etc.).
Proficiency in log/event management tools (Splunk Sentinel etc.).
OS-level expertise (Linux Windows Android iOS).
Exposure to Agile methodologies.
Experience in healthcare or other regulated industries.
Strong communication analytical and stakeholder management skills.