Senior Pen Tester
Pune, India
Vertiv
Vertiv ist weltweit führend in der Entwicklung, dem Bau und der Wartung kritischer Infrastrukturen, die essenzielle Anwendungen für Rechenzentren, Kommunikationsnetze sowie kommerzielle und industrielle Einrichtungen ermöglichen.Position Summary
The Application and Product Security Engineer is responsible for evaluating, communicating, and managing the security risk of individual application projects. The Security Analyst is expected to have a thorough understanding of complex IT systems, embedded devices, applications, cloud systems and stay up to date with the latest security standards, systems, and authentication protocols, as well as best practices and emerging technologies. The ideal candidate will have hands on experience with CI/CD pipelines, static and dynamic code analysis, and industry security frameworks such as OWASP SAMM, and will be a strong communicator. They will be responsible for detecting product and application security threats as well as areas of weakness in products and applications for improvement.
This role will support for the members of the Application and Product Security team when it comes to architectural support and technical guidance on security issues. The analyst will also be required to consult directly with the product and application development teams on security topics as they design and develop hardware devices and supporting services.
This position will be primarily based out in Thane, INDIA, and will consistently work under the guidance and processes of global security team and will support all the regional as well as global engineering groups. The Analyst will be expected to use their knowledge and experience to further develop internal secure processes and procedures.
Key Duties
In addition to anticipating possible security threats and identifying areas of weakness, the Application and Product Security Engineer must:
· Act as security design authority for projects within the Vertiv portfolio. Engage from the ideation through the system development lifecycle in project execution
· Support the implementation of security processes and best practices that support the products, applications, and services operating environment
· Drive alignment and governance across the various architectural domains
· Review current system security measures and recommend and implement enhancements
· Work successfully in a global organization with onshore as well as offshore resources
· Build a culture of security awareness, and identify training gaps and needs to ensure security policies are adhered to at all times.
· Support a standard QA process with the product development teams.
· Support product certification process.
· Support standard security testing labs.
· Support automated security testing.
Requirements:
A Bachelor’s Degree in Information Technology, Computer Science or related field is highly desirable.
· Additional advanced security qualifications such as CISSP (Certified Information Systems Security Professional) certification, CEH (Certified Ethical Hacker) or equivalent are ideal.
· Three (3+) years of experience in application security and/or security operations, with a focus on automation, performance, and reliability
· Solid understanding of security protocols, cryptography, authentication, authorization, and security
· Good working knowledge of current IT risks and experience implementing security solutions
· Ability to interact with a broad cross-section of personnel to articulate and enforce security measures
· Excellent written and verbal communication skills as well as business acumen
· Strong technical documentation, diagramming, and presentation skills
· Strong leadership, vision, effective communication and goal-oriented
· Strong ability to establish partnerships and influence change and achieve results within dynamic environment
· Meaningful technical contributions into the development lifecycle of a product, application and service has context menu
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Application security Automation CEH CI/CD CISSP Cloud Code analysis Computer Science Cryptography Governance OWASP Product security SAMM
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.