Specialist I - Product security and Privacy

Job Title

Job Description

Job title: Application Security Test Engineer
 

Job Description: Application Security Test Engineer

Responsibilities:

This is an individual contributor role. As part of the larger Security and Privacy team, the Application Security Engineer would -

·       Perform comprehensive Dynamic Application security Testing (DAST)

·       Understand and analyze the applications from security point of view.

·       Understand the application security risks and Threat modeling of applications

·       Create and execute the corresponding security test cases to verify that the mitigations are properly implemented in the application.

·       Able to guide and support development teams to fix the security vulnerabilities in the code.

Preferred Experience:

·       3+ years of work experience in Application Security Testing, VAPT

·       Understanding and familiarity with common code review methods and standards 

·       Experience with Open Web Application Security Project (OWASP) standards, Open Source Security Testing Methodology Manual (OSSTMM) Methodologies

·       Experience in tools like HP Webinspect/IBM Appscan/Acunetix and open source tools like burp, OWASP ZAP, CSRF tester etc, Burp Suite

·       Experience is creating new security test cases based on the type of the application being tested 

·       Application development experience

·      Good to have python language experience on security automation.

·       Research and pilot new services / technologies to support secure software development

·       Knowledge of standard SDLC practices 

·       Experience with DevSecOps, security test automation, security testing as part of CICD

·       Advantageous to have experience in clout technologies like AWS & Azure.

Educational Qualifications:

·       Bachelor degree with concentration in Computer Science, Information Systems, Information Security or similar would be preferred.

Preferred Security certifications

Ideally, candidate will possess any one of the below Security certifications(but not mandatory)

·       CEH

·       ECSA

·       LPT

·       OSCP

How we work together
We believe that we are better together than apart. For our office-based teams, this means working in-person at least 3 days per week.
Onsite roles require full-time presence in the company’s facilities.
Field roles are most effectively done outside of the company’s main facilities, generally at the customers’ or suppliers’ locations.
Indicate if this role is an office/field/onsite role.

About Philips
We are a health technology company. We built our entire company around the belief that every human matters, and we won't stop until everybody everywhere has access to the quality healthcare that we all deserve. Do the work of your life to help the lives of others.
• Learn more about our business.
• Discover our rich and exciting history.
• Learn more about our purpose.
If you’re interested in this role and have many, but not all, of the experiences needed, we encourage you to apply. You may still be the right candidate for this or other opportunities at Philips. Learn more about our culture of impact with care here.