Talent.com
Product Security Specialist - SAST / DAST

Nazztec Private Limited, Pune
30+ days ago
Job description

Job Title : Product Security Specialist

Job Type : Permanent

Work Mode : Hybrid (Bangalore / Pune)

Experience : 7+ Years

Notice Period : Immediate Joiners Preferred (Serving Notice / Max 15 Days)

Position Overview

We are looking for an experienced and passionate Product Security Specialist to join our cybersecurity team. The ideal candidate will be responsible for ensuring that our products are designed, developed, and maintained with the highest security standards, aligning with both regulatory and internal compliance frameworks. You will work closely with product, engineering, DevOps, and compliance teams to embed security throughout the product lifecycle.

Key Responsibilities :

Product & Application Security :

  • Align all products with SLK's and clients' security policies, industry standards (e.g., NIST, ISO 27001), and regulatory frameworks (PCI DSS, GDPR, etc.).
  • Perform threat modeling, secure design reviews, and code security assessments.
  • Identify, triage, and track resolution of security vulnerabilities through tools like SAST, DAST, SCA, and runtime analysis.

  • Drive secure implementation of APIs, cloud services, and containerized applications.

Security Monitoring & Reporting :

  • Maintain product-level cybersecurity dashboards with insights into vulnerabilities and security posture.
  • Categorize issues based on origin :
      • Design issues : Threat Modeling
      • Code issues : SAST, SCA
      • Runtime / API issues : DAST, API fuzzing
      • Deployment / Configuration issues : IaC scanning

Awareness & Training :

  • Conduct security awareness programs, training, and simulations for engineering and product teams.
  • Support internal and external security audits and bug bounty triages.

Stakeholder Collaboration :

  • Collaborate with engineering, DevOps, product, legal, and compliance teams.
  • Act as the security point of contact during incident response and crisis management.

Required Skills & Experience :

  • Minimum 7+ years of experience in cybersecurity, with a strong focus on product or application security.
  • Deep knowledge of OWASP Top 10, SANS Top 25, and API Security principles.
  • Proven experience with tools and concepts :
      • Threat Modeling (e.g., STRIDE)
      • SAST / DAST / SCA tools (e.g., Veracode, SonarQube, Burp Suite, Checkmarx)
      • Cloud Security (AWS / Azure), Container Security (Docker, Kubernetes)
      • Infrastructure as Code (IaC) scanning
  • Strong understanding of Zero Trust Architecture, Defense-in-Depth, and Secure by Design principles.
  • Excellent communication, stakeholder management, and reporting skills.

Preferred Qualifications :

  • Bachelor's or Master's degree in Computer Science, Cybersecurity, or equivalent.
  • Security certifications such as CISSP, OSCP, CEH, CSSLP, or equivalent.
  • Hands-on experience in the FinTech or Payments industry is a plus.
  • Familiarity with compliance standards : PCI DSS, SOC 2, ISO 27001, GDPR.
  • Programming knowledge in .NET, Java, C#, C++, or scripting languages (Python, Bash, etc.).
  • Participation in bug bounty programs or experience in security research is a strong plus.

(ref : hirist.tech)