This job offer is not available in your country.
Product Security Engineer (17666)
ConfidentialBengaluru / Bangalore7 days ago
Job descriptionImplement and enforce Secure Software Development Lifecycle (SSDLC) practices across all Whatfix technology projects, ensuring security risks are effectively identified and mitigated throughout development. Conduct Vulnerability Assessment and Penetration Testing (VAPT) for SaaS applications, APIs, and cloud infrastructure, identifying security weaknesses and ensuring timely remediation in collaboration with development teams. Enhance application security by improving secure coding guidelines, integrating security automation, conducting developer training, and defining security metrics. Perform threat modeling using STRIDE to proactively identify security risks in the design phase and recommend effective mitigation strategies. Perform security architecture and design reviews, focusing on core security principles to enhance product security. Work closely with product and solution teams to achieve the objectives of the cybersecurity software security program. Conduct secure code reviews across various programming languages, identifying vulnerabilities and providing actionable recommendations for prevention and remediation. Perform both Manual and Automated Security Testing for identifying application vulnerabilities. Responsible for identifying security vulnerabilities, reporting issues, and collaborating with development teams to ensure timely remediation and closure. Responsible for coordinating and ensuring the successful execution of external VAPT assessments. Responsible for managing and assessing security issues reported through the bug bounty program, ensuring proper triage and remediation. Participate in both internal and external product security audits to ensure compliance and identify security improvements. Conduct and facilitate secure coding training sessions for engineering teams to enhance security awareness and best practices Collaborate with GRC and TPRM teams to align security initiatives with regulatory compliance, third-party risk management (TPRM), and security policies, ensuring adherence to industry standards regulations such as GDPR, ISO 27001, SOC 2, and FedRAMP. Ability to articulate and convey security threats and risks to diverse audiences, effectively emphasizing mitigation techniques and strategies
Skills :
- In-depth knowledge of OWASP Top 10 and CWE 25, with a proven track record of implementing and integrating effective remediation strategies.
- Possess a strong understanding of microservices, APIs, and web applications, including their security best practices and potential vulnerabilities.
- Deep knowledge and experience in using SAST, DAST, IAST, SCA and fuzz testing tools.
- Experience in threat modeling using STRIDE, identifying potential security risks and implementing effective mitigation strategies.
- Knowledge of RESTful web services (client server application)
- Hands-on experience with automation and DevSecOps practices to enhance security integration in development workflows.
- Proficiency in high-level programming languages such as Java and .NET, with additional expertise in DAST code reviews as a plus.
- Strong understanding of SDLC methodologies, with flexibility to work in Agile environments.
- Proven experience in providing technical oversight to project team members, ensuring engagement quality and adherence to security best practices.
- Familiarity with code management systems (e.g., BitBucket), CI / CD pipelines (e.g., Jenkins), containerization (Docker, Kubernetes), microservices architecture, and authentication frameworks like OAuth 2.0 and OpenID Connect.
- Well-versed in both waterfall and agile development models, with experience embedding secure development practices in both.
- Extensive experience in driving and implementing Secure SDLC (SSDLC) practices, ensuring seamless security integration into the development process.
- Proficient in at least two scripting languages, such as Python, Perl, PHP, or Ruby.
- Experience in performing static code analysis using tools like Checkmarx, Github advanced code security to identify security vulnerabilities.
- Qualification Required : Bachelor / Master Degree in either Computer Engineering or Information science
- Preferred certifications : OSCP, CEH, ECSA, or other industry-recognized security certifications.
- Minimum experience : 5-8 years of experience in Product Security
Qualifications :
Skills Required
Perl, Oscp, Ruby, Python, Github, product security , security engineering
Create a job alert for this search
Security Engineer • Bengaluru / Bangalore
Related jobs
- Promoted
Senior Software Security Engineer
TalkdeskBengaluru, Karnataka, India At Talkdesk, we are courageous innovators focused on redefining customer experience, making the impossible possible for companies globally.
We champion an inclusive and diverse culture representativ...Show moreLast updated: 17 days ago
- Promoted
Cyber Security Engineer
YASH Technologieshosur, tamil nadu, in The AppSec Engineer is a specialized cybersecurity role focused on DevOps engineering principles.While the expectation of their sibling role – SAE – is to have practical working security knowledge,...Show moreLast updated: 23 days ago
- Promoted
Senior Product Security Engineer
ConfidentialBengaluru / Bangalore, India Build Your Career at Informatica.We seek innovative thinkers who believe in the power of data to drive meaningful change.
At Informatica, we welcome adventurous, work-from-anywhere minds eager to ta...Show moreLast updated: 9 days ago
- Promoted
Senior Lead Product Security Engineer
ConfidentialBengaluru / Bangalore As a Senior Lead Product Security Engineer, you will be responsible for : .Building and executing engineering processes for early detection of design flaws, vulnerabilities, weaknesses, missing secur...Show moreLast updated: 18 days ago
- Promoted
Staff Product Security Engineer
ConfidentialBengaluru / Bangalore The Tide Security Engineering team is made up of three core areas : Product Security, Threat Detection & Response, and Identity.
Product Security (this role!) consists of application and cloud securi...Show moreLast updated: 30+ days ago
- Promoted
Security Engineer - Applications Security
theSocialsBangalore Job Description : We are seeking an experienced Security Engineer with strong expertise in Application Security, Cloud Security, and VAPT to join our client's en...Show moreLast updated: 26 days ago
- Promoted
Product Security Engineer
ConfidentialBengaluru / Bangalore, India Build Your Career at Informatica.We seek innovative thinkers who believe in the power of data to drive meaningful change.
At Informatica, we welcome adventurous, work-from-anywhere minds eager to ta...Show moreLast updated: 30+ days ago
- Promoted
Product Security Engineer (I5)
ConfidentialBengaluru / Bangalore You will engage with the best and brightest engineers and architects as they build our future application and service capabilities, while ensuring our current generation solutions continue to deliv...Show moreLast updated: 20 days ago
- Promoted
Senior Product Security Engineer
sliceBengaluru, Karnataka, India We’ve all felt how slow, confusing, and complicated banking can be.We’re building every product from scratch to be fast, transparent, and feel good, because we believe that the best products transc...Show moreLast updated: 30+ days ago
- Promoted
Pluralsight - Product Security Engineer - SAST / DAST
PluralsightBangalore Job Description : The Product Security Engineers work closely with engineering teams to secure our Pluralsight platform.They will work on various Secure SDL programs ...Show moreLast updated: 6 days ago
- Promoted
Product Security Engineer II
FICOBengaluru, Karnataka, India Join our world-class team today and fulfill your career potential!.As a Product Security Engineer II in Cyber Security, you will be supporting security governance for a wide set of customer-facing ...Show moreLast updated: 21 days ago
- Promoted
Senior Security Engineer - Product Security
People Gamut HR SolutionsBangalore As a part of the world-class engineering team, that is focused on solving some unique problems in the space (and one that has been delivering to commitments, as per our customer testimonials) we ar...Show moreLast updated: 30+ days ago
- Promoted
EdgeVerve - Product Security Engineer - Penetration Testing
EdgeverveBangalore Job Objective : As a Product Security Engineer, you'll play a vital role in ensuring the security of our products, particularly those catering to the financial ...Show moreLast updated: 30+ days ago
- Promoted
Principal Product Security Engineer
ConfidentialBengaluru / Bangalore, India Every day, millions of people count on NETGEAR products to connect their digital lives at home and on the go.As a key member of the NETGEAR Product Security Team, you will be helping our innovators...Show moreLast updated: 9 days ago
- Promoted
Senior Product Security Engineer
Pocket FMBengaluru, Karnataka, India Pocket FM is the world’s largest audio entertainment platform, revolutionizing the way stories are told and consumed.We bring together storytelling, technology, and creativity to deliver an immersi...Show moreLast updated: 30+ days ago
- Promoted
Lead Security Engineer
ArcanaBengaluru, Karnataka, India Arcana is on a mission to revolutionize the investing landscape,.Our cutting-edge software and data platform processes millions of data points every minute, delivering lightning-fast computations a...Show moreLast updated: 30+ days ago
- Promoted
Product Security Engineer
TravelokaBengaluru, Karnataka, India Product Security Engineer at Traveloka will be required to ensure that our products and services are shipped with high security standards through application security testing, hardening, and secure...Show moreLast updated: 30+ days ago
- Promoted
Lead Security Engineer
interface.aiBengaluru, IN Our cutting-edge Generative AI-powered platform serves over 100 banks and credit unions, delivering hyper-personalized customer interactions across voice, chat, and employee-assisting solutions.To ...Show moreLast updated: 26 days ago