Product Security Engineer IV - Onsite position
Santa Clara,CA
Full Time Senior-level / Expert USD 132K - 181K
Applied Materials
We work closely with our customers as strategic partners in ten countries across Europe. Facilitating progress through long-term relationships, and delivering the expertise, technology and services that bring their ideas and innovations to...Applied Materials, Inc. is the leader in materials engineering solutions used to produce virtually every new chip and advanced display in the world. The Information Security threat landscape continues to remain increasingly complex and requires constant vigilance to secure a large, global enterprise. Applied has an exciting opportunity to join a world-class information security team.
This position will assist in managing efforts taken to address product security risk activities. This position will be responsible for ensuring Applied’s products with embedded software are designed and implemented per Applied security standards, while partnering closely with product group stakeholders.
This candidate will be expected to have a good foundation in understanding product security policies and procedures, have strong analytical and presentation skills, work experience in a global company and working with global teams. The selected candidate will play a critical role in coordination and project management between product, Legal, and business clients. This selected candidate will also help review policy, procedures, and training related to product security, vulnerability management, incident response, intellectual property protection, and governance.
Key Responsibilities
Partner with various stake holder groups, to promote and build a culture of security and ensure products with embedded software are designed and built securely.
Partner with product teams across Applied to implement/integrate secure by design and secure by default concepts.
Provide technical advice to product teams on secure product design requirements. Ability to interpret customer requirements, regulations and translate to product security requirements.
Identify gaps in the vulnerability management and product security incident response end-to-end workflows and lead process optimization efforts to improve these programs.
Provide oversight for vulnerability management, patch management, and product security incident response processes.
Work with a global team to help implement and monitor security controls to proactively identify product security issues.
Interpret security tools and penetration testing results and communicate advice on vulnerability remediation and risk mitigation to stakeholders.
Partner with software development teams across Applied to help implement secure SDLC concepts such as training, identify security requirements, threat modeling, code/design reviews, and security testing.
Work with Information Security and Information Technology teams to build & maintain controls to manage varied risks including application and cyber risks.
Work across teams to develop and define project/program information security metrics & dashboards.
Qualifications
Bachelor's degree or equivalent experience in IT Security.
Minimum 6 to 8 years of experience in product security.
Understanding of threat modeling, security vulnerabilities, attacker exploit techniques, and methods for their remediation.
Have a good understanding of DevSecOps concepts/principles and cloud native services, to enable secure development and deployment of applications in the Cloud.
Practical experience in information security vulnerability management, incident response, application security and/or product security with experience in these areas from process to tools (e.g. Qualys, JFrog Xray etc.,)
Excellent written and verbal communication skills with the ability to adapt messaging to executive, technical, and non-technical audiences.
Experience working on hardware with embedded software is a plus.
Knowledge of regulatory guidelines and standards such as ISA/IEC 62443, SEMI Standards, etc. is a plus.
Certification in any security area is a plus.
Experience working with manufacturing equipment or other industrial equipment is a plus.
Experience working in semiconductor industry is a plus.
Qualifications
Education:
Bachelor's DegreeSkills:
Embedded Systems, IT System Security, JFrog, Qualys Vulnerability ManagementCertifications:
Languages:
Years of Experience:
7 - 10 YearsWork Experience:
Additional Information
Time Type:
Full timeEmployee Type:
Assignee / RegularTravel:
Yes, 10% of the TimeRelocation Eligible:
NoU.S. Salary Range:
$132,000.00 - $181,500.00The salary offered to a selected candidate will be based on multiple factors including location, hire grade, job-related knowledge, skills, experience, and with consideration of internal equity of our current team members. In addition to a comprehensive benefits package, candidates may be eligible for other forms of compensation such as participation in a bonus and a stock award program, as applicable.
For all sales roles, the posted salary range is the Target Total Cash (TTC) range for the role, which is the sum of base salary and target bonus amount at 100% goal achievement.
Applied Materials is an Equal Opportunity Employer committed to diversity in the workplace. All qualified applicants will receive consideration for employment without regard to race, color, national origin, citizenship, ancestry, religion, creed, sex, sexual orientation, gender identity, age, disability, veteran or military status, or any other basis prohibited by law.
Tags: Application security Cloud DevSecOps Exploit Governance IEC 62443 Incident response Industrial Pentesting Product security Qualys SDLC Vulnerabilities Vulnerability management
Perks/benefits: Equity / stock options Salary bonus
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.