7 Product Security Jobs

In this role, you will have the opportunity to: Perform vulnerability assessment on periodic basis and report the findings. Develop mitigations/resolutions to vulnerabilities assessed, in conjunction with the development teams. Collaborate with various product development teams to identify vulnerabilities and needed mitigations. Support thecybersecurity compliance activities. Research and perform analysis on new vulnerabilities within out tech landscape and support the remediation activities. Identify missing patch's and support the product team in fixing them. Knowledge in working with Security modules like Encryption, Authentication and Authorization. Proven ability to deliver high quality results in a timely fashion while working on different projects concurrently. Performing security development activities as part medical device SDLC & Design Controls procedures. Developing Product security documentation for 510(k) submissions. The essential requirements of the job include: Bachelor's degree in computer science, Computer Engineering or a related field with 3 6 years of proven experience Good knowledge and understanding of the security concepts like CIA and Defense in Depth. Proven expertise across a range of operating systems and environments, such as MS Windows, Linux, Embedded OS Hands on experience with security tools and products like Nessus / etc. Hands on experience with Secure Development Lifecycle and testing. It would be a plus if you also possess previous experience in: Industry-recognized certification like CEH etc. Experience with Healthcare products is good to have. Good knowledge of windows/Linux vulnerability management. Exposure to Good Documentation Practices followed in Medical Device products. Skills Required Application Security,Security System Design,Product Security,Secure Software Development Location Bengaluru, India Desirable Skills Application Security,Security System Design,Product Security,Secure Software Development Designation Associate

As a Product Security Lead at Nokia, you will be at the forefront of developing robust security features for our products and customers. You will work closely with cross-functional teams to assess security threats, design innovative solutions, and implement rigorous security protocols within our cloud-native architecture. Your role will require you to problem-solve requirements, manage feature implementation, and optimize system performance, ensuring our products are secure, scalable, and reliable. You have: 7+ years of experience in software development or testing within Telecommunications Networks. Proficiency in cloud-native design and development. Experience with vulnerability management tools (e.g., VAMS). Expertise in security assessments with tools like Black Duck Hub, Tenable, NMAP, and NetSparker. Working knowledge of secure protocols (TLS/DTLS/SSH) and encryption methodologies. It would be nice if you also had: Knowledge of cloud and containerization security aspects Familiarity with the security architecture of products Any certifications in Security Management and exposure to SAFe agile methodologies Drive the development of product and customer security features, ensuring efficiency, scalability, and reliability. Conduct SOC, threat & risk analysis to identify vulnerabilities and develop effective mitigation strategies. Oversee security assessments using tools like Black Duck, Tenable, and NMAP, and thoughtful resultant reports. Enhance system architecture by adopting cloud-native approaches and ensuring compliance with industry standards. Manage feature implementation, focusing on code quality and optimization of system performance.

As a Product Security Lead at Nokia, you will be at the forefront of developing robust security features for our products and customers. You will work closely with cross-functional teams to assess security threats, design innovative solutions, and implement rigorous security protocols within our cloud-native architecture. Your role will require you to problem-solve requirements, manage feature implementation, and optimize system performance, ensuring our products are secure, scalable, and reliable. You have: 7+ years of experience in software development or testing within Telecommunications Networks. Proficiency in cloud-native design and development. Experience with vulnerability management tools (e.g., VAMS). Expertise in security assessments with tools like Black Duck Hub, Tenable, NMAP, and NetSparker. Working knowledge of secure protocols (TLS/DTLS/SSH) and encryption methodologies. It would be nice if you also had: Knowledge of cloud and containerization security aspects Familiarity with the security architecture of products Any certifications in Security Management and exposure to SAFe agile methodologies Drive the development of product and customer security features, ensuring efficiency, scalability, and reliability. Conduct SOC, threat & risk analysis to identify vulnerabilities and develop effective mitigation strategies. Oversee security assessments using tools like Black Duck, Tenable, and NMAP, and thoughtful resultant reports. Enhance system architecture by adopting cloud-native approaches and ensuring compliance with industry standards. Manage feature implementation, focusing on code quality and optimization of system performance.

As a Product Security Lead at Nokia, you will be at the forefront of developing robust security features for our products and customers. You will work closely with cross-functional teams to assess security threats, design innovative solutions, and implement rigorous security protocols within our cloud-native architecture. Your role will require you to problem-solve requirements, manage feature implementation, and optimize system performance, ensuring our products are secure, scalable, and reliable. You have: 7+ years of experience in software development or testing within Telecommunications Networks. Proficiency in cloud-native design and development. Experience with vulnerability management tools (e.g., VAMS). Expertise in security assessments with tools like Black Duck Hub, Tenable, NMAP, and NetSparker. Working knowledge of secure protocols (TLS/DTLS/SSH) and encryption methodologies. It would be nice if you also had: Knowledge of cloud and containerization security aspects Familiarity with the security architecture of products Any certifications in Security Management and exposure to SAFe agile methodologies Drive the development of product and customer security features, ensuring efficiency, scalability, and reliability. Conduct SOC, threat & risk analysis to identify vulnerabilities and develop effective mitigation strategies. Oversee security assessments using tools like Black Duck, Tenable, and NMAP, and thoughtful resultant reports. Enhance system architecture by adopting cloud-native approaches and ensuring compliance with industry standards. Manage feature implementation, focusing on code quality and optimization of system performance.

As a Product Security Lead at Nokia, you will be at the forefront of developing robust security features for our products and customers. You will work closely with cross-functional teams to assess security threats, design innovative solutions, and implement rigorous security protocols within our cloud-native architecture. Your role will require you to problem-solve requirements, manage feature implementation, and optimize system performance, ensuring our products are secure, scalable, and reliable. You have: 7+ years of experience in software development or testing within Telecommunications Networks. Proficiency in cloud-native design and development. Experience with vulnerability management tools (e.g., VAMS). Expertise in security assessments with tools like Black Duck Hub, Tenable, NMAP, and NetSparker. Working knowledge of secure protocols (TLS/DTLS/SSH) and encryption methodologies. It would be nice if you also had: Knowledge of cloud and containerization security aspects Familiarity with the security architecture of products Any certifications in Security Management and exposure to SAFe agile methodologies Drive the development of product and customer security features, ensuring efficiency, scalability, and reliability. Conduct SOC, threat & risk analysis to identify vulnerabilities and develop effective mitigation strategies. Oversee security assessments using tools like Black Duck, Tenable, and NMAP, and thoughtful resultant reports. Enhance system architecture by adopting cloud-native approaches and ensuring compliance with industry standards. Manage feature implementation, focusing on code quality and optimization of system performance.

What You ll Be Doing: Manage security-focused projects, ensuring alignment with organizational goals and industry standards. Oversee security initiatives related to open-source projects, including assessing vulnerabilities, coordinating remediation efforts, and promoting best practices within the engineering teams. Collaborate closely with stakeholders to define project objectives, scope, and deliverables. Develop and maintain comprehensive project plans. Drive effective communication and collaboration across cross-functional teams. Monitor program progress and implement solutions to keep projects on track. Drive continuous improvement initiatives by evaluating current processes and recommending enhancements to increase efficiency and security effectiveness. Proactively identify challenge areas and risks requiring executive engagement. Identify issues and roadblocks, and escalate with the right level of details and priority. Drive problem resolution through fact-based, conscious, and quality decision-making. The Impact You Will Have: Ensure the security and integrity of Synopsys products, particularly in open-source environments. Lead the initiatives w.r.t product security. Develop strategic project plans that align with organizational goals and industry standards. Facilitate cross-functional collaboration to enhance communication and project outcomes. Implement solutions to keep projects on track, ensuring timely delivery and high-quality results. Promote best practices and continuous improvement initiatives within the engineering teams. Identify and mitigate risks, ensuring proactive management of potential challenges. Provide valuable insights and recommendations based on data analytics, driving enhancements in product security. Foster a culture of security awareness and compliance within the organization. Contribute to the overall success of Synopsys security and data engineering initiatives. What You ll Need: Project Management Experience: 2+ years of experience specifically in technical program management with overall experience of 8 to 12 years. Hands-on working knowledge in Python / Perl. Ability to do code reviews and take part in design discussions. Product Security Knowledge: Strong understanding of product security principles, especially related to open-source projects. Experience with cloud platforms such as AWS, Azure, or Google Cloud. Communication skills: Excellent verbal and written communication abilities for cross-functional collaboration. Stakeholder Management: Ability to define project objectives and collaborate closely with stakeholders. Project Planning: Skills in developing and maintaining comprehensive project plans. Who You Are: A proactive and detail-oriented leader who can manage complex projects and drive them to successful completion. An excellent communicator who can effectively collaborate with cross-functional teams and stakeholders. A strategic thinker with a strong understanding of product security and data engineering principles. A problem solver who can identify challenges and implement effective solutions. A continuous learner who stays updated with the latest industry trends and best practices.

Implement and enforce Secure Software Development Lifecycle (SSDLC) practices across all Whatfix technology projects, ensuring security risks are effectively identified and mitigated throughout development. Conduct Vulnerability Assessment and Penetration Testing (VAPT) for SaaS applications, APIs, and cloud infrastructure, identifying security weaknesses and ensuring timely remediation in collaboration with development teams. Enhance application security by improving secure coding guidelines, integrating security automation, conducting developer training, and defining security metrics. Perform threat modeling using STRIDE to proactively identify security risks in the design phase and recommend effective mitigation strategies. Perform security architecture and design reviews, focusing on core security principles to enhance product security. Work closely with product and solution teams to achieve the objectives of the cybersecurity software security program. Conduct secure code reviews across various programming languages, identifying vulnerabilities and providing actionable recommendations for prevention and remediation. Perform both Manual and Automated Security Testing for identifying application vulnerabilities. Responsible for identifying security vulnerabilities, reporting issues, and collaborating with development teams to ensure timely remediation and closure. Responsible for coordinating and ensuring the successful execution of external VAPT assessments. Responsible for managing and assessing security issues reported through the bug bounty program, ensuring proper triage and remediation. Participate in both internal and external product security audits to ensure compliance and identify security improvements. Conduct and facilitate secure coding training sessions for engineering teams to enhance security awareness and best practices Collaborate with GRC and TPRM teams to align security initiatives with regulatory compliance, third-party risk management (TPRM), and security policies, ensuring adherence to industry standards regulations such as GDPR, ISO 27001, SOC 2, and FedRAMP. Ability to articulate and convey security threats and risks to diverse audiences, effectively emphasizing mitigation techniques and strategies Skills : In-depth knowledge of OWASP Top 10 and CWE 25, with a proven track record of implementing and integrating effective remediation strategies. Possess a strong understanding of microservices, APIs, and web applications, including their security best practices and potential vulnerabilities. Deep knowledge and experience in using SAST, DAST, IAST, SCA and fuzz testing tools. Experience in threat modeling using STRIDE, identifying potential security risks and implementing effective mitigation strategies. Knowledge of RESTful web services (client server application) Hands-on experience with automation and DevSecOps practices to enhance security integration in development workflows. Proficiency in high-level programming languages such as Java and .NET, with additional expertise in DAST code reviews as a plus. Strong understanding of SDLC methodologies, with flexibility to work in Agile environments. Proven experience in providing technical oversight to project team members, ensuring engagement quality and adherence to security best practices. Familiarity with code management systems (e.g., BitBucket), CI/CD pipelines (e.g., Jenkins), containerization (Docker, Kubernetes), microservices architecture, and authentication frameworks like OAuth 2.0 and OpenID Connect. Well-versed in both waterfall and agile development models, with experience embedding secure development practices in both. Extensive experience in driving and implementing Secure SDLC (SSDLC) practices, ensuring seamless security integration into the development process. Proficient in at least two scripting languages, such as Python, Perl, PHP, or Ruby. Experience in performing static code analysis using tools like Checkmarx, Github advanced code security to identify security vulnerabilities. Qualifications: Qualification Required: Bachelor/Master Degree in either Computer Engineering or Information science Preferred certifications: OSCP, CEH, ECSA, or other industry-recognized security certifications. Minimum experience: 5-8 years of experience in Product Security