| Looking for, Product Security Engineer || Santa Clara, CA || Locals only at Remote, Remote, USA |
| Email: [email protected] |
| From: Mayank, Pivotal Technologies [email protected] Reply to: [email protected] "No Relocation || Need Local to CA Only || Need DL of CA" Role : Product Security Engineer Need Semiconductur industry but we can send on IT products if need be) Location : Santa Clara, CA Visa : USC Only Rate : $55/hr c2c Key Responsibilities Partner with various stake holder groups, to promote and build a culture of security and ensure products are designed and built securely Partner with Product Engineering, Legal, and Information Security teams to ensure security & compliance objectives are identified and achieved Partner with product teams across Applied to implement/integrate secure SDLC concepts such as training, security requirements, threat modeling, code/design reviews, and security testing Architect and implement new or updates to product security solutions. Provide technical advice to clients and teams on design, installation, and maintenance of product per security requirements Have experience in performing application security/penetration testing using manual and automated tools Work with a global team to help implement and monitor security controls to proactively identify product security issues Ability to interpret security tools and penetration testing results to stakeholders and provide advice on vulnerability remediation and risk mitigation Should have good understanding of DevSecOps concepts/principles and cloud native services, to enable secure development and deployment of applications in the Cloud Work with Information Security and Information Technology teams to build & maintain controls to manage varied risks including application and cyber risks Work across teams to develop and define project/program information security metrics & dashboards. Monitor events, collate and analyze data to assess the environment for product security risk, policy violations, & unusual activity and perform root cause analysis. Qualification Bachelor's degree or equivalent experience in Security Minimum 6 to 8 years of experience in Application and/or product security Knowledge of regulatory guidelines and standards such as ISO27001, SEMI Standards, etc. A thorough understanding of common application security tools, code libraries and documentation. Understanding of threat modeling, security vulnerabilities, attacker exploit techniques, and methods for their remediation. Familiarity with the tools for various security activities: Static Code Analysis, DAST Penetration Testing, Intrusion Detection/Prevention, etc. Experience with web application penetration testing Experience in performing source code review Working knowledge of one scripting language and or familiarity with at least one software programming language and a framework is a plus Excellent written and verbal communication skills with the ability to adapt messaging to executive, technical, and non-technical audiences. Certification in any security area is a plus Experience working with manufacturing equipment or industrial equipment is a plus Experience working in semi-conductor industry is a plus Thanks & Regards, Mayank Mer Technical Recruiter https://www.linkedin.com/in/mayank-mer-405972114/ Keywords: information technology California |
| [email protected] View all |
| Thu Mar 07 02:21:00 UTC 2024 |