Staff Product Security Analyst

Lead Product Security Analyst

Are you a Product Security Analyst expert looking for a challenging opportunity?

Join our Product Security team.
We operate at the heart of the digital transformation of our business. Our team is responsible for Product Security including application security for our global organization.

Partner with the best.

We are looking for a Lead Product Security Analyst, with a focus in Product Security. In this role, you will work in a team and demonstrate working knowledge of systems and products and how they are secured in customers' businesses.

As a Senior Lead Product Security Engineer, you will be responsible for:

• Leading security architecture reviews, threat modeling, and risk assessments for complex systems and products.
• Defining and drive the adoption of secure development practices across engineering teams.
• Partnering with product managers, architects, and developers to embed security into product roadmaps and design decisions.
• Developing and maintain scalable security frameworks, standards, and automation tools.
• Conducting advanced security testing (SAST, DAST, IAST, fuzzing) and oversee remediation efforts.
• Evaluating and integrate security tools into CI/CD pipelines and development workflows.
• Serving as a mentor and technical leader for junior analysts and engineers.
• Collaborating with incident response and vulnerability management teams to address product-related security issues.
• Staying ahead of emerging threats, technologies, and regulatory requirements, and translate them into actionable strategies.

Fuel your passion

To be successful in this role you will:

• Have Bachelor’s or Master’s degree in Computer Science, Cybersecurity, or a related field.
• Have 6+ years of experience in application/product security, with a proven track record of securing large-scale systems.
• Have Deep understanding of secure coding, software architecture, and common vulnerabilities (e.g., OWASP Top 10, CWE).
• Have proficiency in multiple programming languages (e.g., Python, Java, Go, C++) and scripting.
• Have experience with cloud-native security (AWS, Azure, GCP), containers (Docker, Kubernetes), and microservices.
• Have strong communication and leadership skills, with the ability to influence cross-functional teams.

Desired Characteristics

• Industry certifications such as OSCP, CISSP, CSSLP, or GIAC.
• Experience in threat modeling methodologies (e.g., STRIDE, PASTA).
• Familiarity with compliance and regulatory standards (e.g., SOC 2, ISO 27001, PCI-DSS).
• Contributions to open-source security tools or research.

Working with us
Our people are at the heart of what we do at Baker Hughes. We know we are better when all our people are developed, engaged and able to bring their whole authentic selves to work. We invest in the health and well-being of our workforce, train and reward talent and develop leaders at all levels to bring out the best in each other.
 

Working for you
Our inventions have revolutionized energy for over a century. But to keep going forward tomorrow, we know we must push the boundaries today. We prioritize rewarding those who embrace change with a package that reflects how much we value their input.  Join us, and you can expect:

• Contemporary work-life balance policies and wellbeing activities
• Comprehensive private medical care options
• Safety net of life insurance and disability programs
• Tailored financial programs.
• Additional elected or voluntary benefits