Principal Security Engineer

HARMAN’s engineers and designers are creative, purposeful and agile. As part of this team, you’ll combine your technical expertise with innovative ideas to help drive cutting-edge solutions in the car, enterprise and connected ecosystem. Every day, you will push the boundaries of creative design, and HARMAN is committed to providing you with the opportunities, innovative technologies and resources to build a successful career.

A Career at HARMAN

As a technology leader that is rapidly on the move, HARMAN is filled with people who are focused on making life better. Innovation, inclusivity and teamwork are a part of our DNA. When you add that to the challenges we take on and solve together, you’ll discover that at HARMAN you can grow, make a difference and be proud of the work you do everyday.

About the Role

The Principal Security Engineer for Application Security plays a pivotal role in ensuring the security and integrity of our Software Products as we handle applications and sensitive data for Automotive OEMs. If a candidate has a passion for securing applications and systems, possess the required qualifications, and are driven to tackle complex security challenges, we welcome you to join our team.

Your Team

The role SENIOR APPLICATION SECURITY EXPERT will report to Head of Cyber Security for Software Products.

What You Will Do

• Our customer's security culture is of critical importance, as we are delivering software to numerous Automotive OEMs on a daily basis. The successful candidate will face a multitude of security-related challenges and will be responsible for implementing Secure Software Development Lifecycle (SSDLC) processes, owning security tasks, guiding development teams, analyzing penetration tests, and managing vulnerabilities.
• Additionally, the candidate shall be responsible for the application security reviews, work closely with the development teams across Software Products business unit.
• Candidate shall also be having extensive expertise into product security solution, Application/API security, databases security, infrastructure vulnerabilities assessment and management, vulnerability assessment and penetration testing (VAPT) services for applications (white/gray/black box concept of penetration testing and corresponding tools).
• The job entails planning & tracking of tasks for the product and project in order to achieve the timely delivery of committed services to customer.

What You Need

• Candidate should be a graduate or post graduate with following B.Tech/B.E/M.Tech or equivalent.
• Candidate should have minimum of 15 Yrs of experience in relevant security domain with minimum of 10 Yrs of Cloud Security, Vulnerability Assessment and Pen Testing experience in application security and backend cloud applications security.
• At least 2 years of proven experience as a software security engineer, demonstrating a strong background in application security.
• Profound knowledge of all stages of the Secure SDLC process.
• Deep expertise in authentication, authorization, applied cryptography, security vulnerabilities, and remediation techniques.
• Collaborate with development teams to consistently implement and enforce the Secure SDLC process, ensuring security is embedded throughout the software development lifecycle.
• Review the existing system security measures and propose and implement enhancements to strengthen our security posture.
• Conduct post-event analysis of security incidents and implement necessary improvements to prevent future occurrences.
• Lead vulnerability management efforts, including analyzing customer penetration test reports and vulnerabilities reports, and overseeing remediation efforts.
• Implement, test, and operate advanced software security techniques in alignment with a technical reference architecture.
• Conduct ongoing security testing and code reviews to enhance the security of our software solutions.
• Troubleshoot and debug security-related issues that may arise during development or production phases.
• Provide engineering designs for new software solutions, ensuring they are fortified against security vulnerabilities.
• Contribute to architectural decisions with a strong focus on security considerations.
• Maintain comprehensive technical documentation related to security measures and processes.
• Offer guidance and training to team members on secure coding practices and security best practices.

What is Nice to Have

• Hands-on software development experience in one or more of the following core languages: Java, and optionally C and C++.
• Familiarity with web-related technologies, including Web applications, Web Services, and various network protocols.

What Makes You Eligible

• Be willing to travel up to 25%, domestic and international travel

What We Offer

• Flexible work environment
• Access to employee discounts on world-class Harman and Samsung products (JBL, HARMAN Kardon, AKG, etc.
• Extensive training opportunities through our own HARMAN University
• Competitive wellness benefits
• Access to HARMAN Campus Fitness Center and Cafeteria.

HARMAN is proud to be an Equal Opportunity / Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, gender (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics.