Product and Solution Security Expert

Visionary!

We empower our people to stay resilient and relevant in a constantly evolving world. We're looking for people who are always searching for creative ways to grow and learn. People who want to make a real impact, now and in the future.

We are looking for a highly skilled and motivated Product & Solution Security Professional to join our team. We are looking for proven experience of 15 years in cybersecurity, with a focus on application security and proven experience working with software development teams and integrating security practices into the SDLC.

Experience interacting with key collaborators and supporting security activities within software products.

Having An engineering degree B.E/B.Tech/MCA/M.Tech/M.Sc with good academic record.

The ideal candidate will be responsible for defining secure design principles and supporting multi-functional teams to ensure secure architecture, implementation, and testing of products and solutions.

1. Integration with SDLC:

• Collaborate with software development teams to integrate security practices throughout the Software Development Life Cycle (SDLC).
• Ensure security requirements are included in the design, development, testing, and deployment stages of software projects.
• Perform security code reviews and analyze vulnerabilities during different SDLC phases.

2. Security Activities:

• Develop and implement security protocols, guidelines, and standard processes for software development.
• Conduct threat modelling and risk assessments to identify potential security issues early in the development process.
• Provide guidance on secure coding practices and remediation of identified vulnerabilities.

3. Stakeholder Interaction:

• Work closely with key collaborators, including product managers, project managers, and business analysts, to support and promote security activities within products.
• Communicate security risks, issues, and mitigation strategies effectively to both technical and non-technical collaborators.
• Foster a security-aware culture within the development teams and across the organization.

4. Security Tools and Technologies:

• Implement and manage security tools such as static and dynamic analysis tools and vulnerability scanners.
• Stay updated with the latest security tools, trends, and standard methodologies to enhance product's security posture.

5. Training and Awareness:

• Conduct security training and awareness programs for development teams.
• Promote continuous improvement related to application security.

Skills and Qualifications:

1. Technical Skills:

• In-depth knowledge of application security, secure coding practices, and common vulnerabilities (e.g., OWASP Top Ten).
• Experience with security tools and technologies such as static analysis tools (SAST), dynamic analysis tools (DAST), and vulnerability scanners.
• Proficiency in programming languages such as Java, C#, Python.
• Understanding of DevSecOps practices and integration of security into CI/CD pipelines.
• Promote continuous improvement and related to application security.

2. Soft Skills:

• Strong communication and interpersonal skills.
• Ability to explain complex security concepts to non-technical collaborators.
• Strong analytical and problem-solving skills.
• Collaborative approach and ability to work effectively with multi-functional teams.

3. Certification Preferred:

• CEH, Certified Secure Software Lifecycle Professional (CSSLP) or equivalent

We've got quite a lot to offer. How about you

Bangalore

We're Siemens. A collection of over 379,000 minds building the future, one day at a time in over 200 countries. We're dedicated to equality, and we welcome applications that reflect the diversity of the communities we work in. All employment decisions at Siemens are based on qualifications, merit and business need. Bring your curiosity and creativity and help us craft tomorrow.

Find out more about Siemens careers at:

We'll support you with:

Hybrid working opportunities.

Diverse and inclusive culture.

Variety of learning & development opportunities.

Attractive compensation package.