139 Product Security Jobs - Page 6

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Product Security Good to have skills : Google Cloud Data ServicesMinimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :GCP Security Architect Solution Design, Compliance, and Security EngineeringWe are hiring GCP Security Architects with 7+ years of experience in designing secure GCP environments and integrating automated security across deployments. This role emphasizes applied engineering, platform security control implementation, and ensuring audit-ready, secure-by-default environments. Roles & Responsibilities:Design and implement secure, scalable GCP architectures.Configure and maintain IAM (roles, policies, IDP integrations, MFA, SSO).Establish secure configurations for VPCs, VPNs, Data Encryption (KMS), and Cloud Armor.Manage Cloud Security Command Center for visibility, governance, and incident response.Implement Cloud Operations Suite for logging, alerting, and security analytics.Conduct threat modeling, vulnerability assessments, and define remediation paths.Automate security checks and controls using Terraform, Cloud Shell, and CI/CD integrations.Collaborate with platform, DevOps, and risk teams to embed security into development lifecycles.Support audit preparation, policy compliance, and security documentation efforts.Review solution designs and assist with enforcing GCP security guardrails. Professional & Technical Skills: Analytical and detail-oriented with a strong problem-solving mindset.Strong communicator with cross-functional collaboration experience.Continuously stays updated with evolving cloud threat landscapes.Excellent communication skills, including the ability to convey complex security concepts to technical and non-technical stakeholders.Strong working knowledge of IAM, VPC SC, Cloud Armor, encryption practices, and security policy enforcement.Experience with Terraform, automated auditing, and log analysis tools.- Additional Information:Bachelors degree in engineering or computer science, Information Security, or a related field.Certifications such as Google Cloud Certified Professional Cloud Security Engineer is a must; CCSP preferred.- 7+ years in security roles, with 3+ years in hands-on GCP security delivery.- This position is based at our Bengaluru office- A 15 years full time education is required. Qualification 15 years full time education

About The Role We are looking for a skilled Application Security Engineer to strengthen our security posture by proactively identifying and mitigating vulnerabilities across our web applications, APIs, and mobile apps. The ideal candidate will have a strong background in penetration testing, secure code review, and security automation. Roles & Responsibilities(What will you do): -Perform penetration testing of web applications, APIs, and mobile apps, providing in-depth vulnerability analysis and remediation guidance. -Conduct manual and automated secure code reviews, primarily in Java, Python, and JavaScript. -Develop security automation solutions using Python to streamline testing, improve coverage, and reduce manual effort. -Work closely with development teams to ensure timely resolution of security issues within fast-paced release cycles. -Create and maintain threat models, applying threat modeling techniques to proactively identify and mitigate design-level security risks. -Foster a security-first mindset by educating developers on secure coding practices, common vulnerabilities, and attack vectors while effectively communicating security findings to stakeholders. What Makes You a Great Fit -1-5 years of experience in application security, penetration testing, or related fields. -Strong penetration testing expertise with tools like Burp Suite, OWASP ZAP, semgrep, MobSF, Jadx-GUI and other mobile security testing frameworks. -Experience integrating security into SDLC and familiarity with DevSecOps tools. -Proficiency in secure coding principles, OWASP Top 10, CWE, and exploit techniques. -Strong scripting skills (Python preferred) for security automation. -Excellent communication and stakeholder management abilities. -Passion for continuous learning and staying updated on security trends. -Certifications like OSCP, OSWE, CRTP, or a proven Bug Bounty track record and/or CTF partipation are a plus PhonePe Full Time Employee Benefits (Not applicable for Intern or Contract Roles) Insurance Benefits - Medical Insurance, Critical Illness Insurance, Accidental Insurance, Life Insurance Wellness Program - Employee Assistance Program, Onsite Medical Center, Emergency Support System Parental Support - Maternity Benefit, Paternity Benefit Program, Adoption Assistance Program, Day-care Support Program Mobility Benefits - Relocation benefits, Transfer Support Policy, Travel Policy Retirement Benefits - Employee PF Contribution, Flexible PF Contribution, Gratuity, NPS, Leave Encashment Other Benefits - Higher Education Assistance, Car Lease, Salary Advance Policy

We Are: At Synopsys, we drive the innovations that shape the way we live and connect Our technology is central to the Era of Pervasive Intelligence, from self-driving cars to learning machines We lead in chip design, verification, and IP integration, empowering the creation of high-performance silicon chips and software content Join us to transform the future through continuous technological innovation, You Are: The ideal candidate for the Project Engineering Management, Staff Engineer role is a seasoned Technical Project Manager with a strong focus on Product Security Compliance You will leverage your exceptional project management skills to drive complex projects related to Open-source projects and Product Security You will play a critical role in ensuring the security and integrity of our products while collaborating with cross-functional teams to drive initiatives that enhance our security posture, You will oversee the planning, execution, and delivery of complex security compliance projects You will work closely with security engineers, product managers, business stakeholders, and IT teams to ensure that projects are delivered on time, within scope, and within budget This role requires a strong understanding of Open Source, Product Security, and project management principles, In addition, you will coordinate cross-product dependencies, identify and escalate issues, manage risk and change from conception to delivery, and drive problem resolution through fact-based, conscious decision-making while promoting, implementing, and improving team, cross-functional, and cross-departmental business and engineering processes and practices, What Youll Be Doing: Manage security-focused projects, ensuring alignment with organizational goals and industry standards, Oversee security initiatives related to open-source projects, including assessing vulnerabilities, coordinating remediation efforts, and promoting best practices within the engineering teams, Collaborate closely with stakeholders to define project objectives, scope, and deliverables, Develop and maintain comprehensive project plans, Drive effective communication and collaboration across cross-functional teams, Monitor program progress and implement solutions to keep projects on track, Drive continuous improvement initiatives by evaluating current processes and recommending enhancements to increase efficiency and security effectiveness, Proactively identify challenge areas and risks requiring executive engagement, Identify issues and roadblocks, and escalate with the right level of details and priority, Drive problem resolution through fact-based, conscious, and quality decision-making, The Impact You Will Have: Ensure the security and integrity of Synopsys' products, particularly in open-source environments, Lead the initiatives w r t product security, Develop strategic project plans that align with organizational goals and industry standards, Facilitate cross-functional collaboration to enhance communication and project outcomes, Implement solutions to keep projects on track, ensuring timely delivery and high-quality results, Promote best practices and continuous improvement initiatives within the engineering teams, Identify and mitigate risks, ensuring proactive management of potential challenges, Provide valuable insights and recommendations based on data analytics, driving enhancements in product security, Foster a culture of security awareness and compliance within the organization, Contribute to the overall success of Synopsys' security and data engineering initiatives, What Youll Need: Project Management Experience: 2+ years of experience specifically in technical program management with overall experience of 8 to 12 years, Hands-on working knowledge in Python / Perl Ability to do code reviews and take part in design discussions, Product Security Knowledge: Strong understanding of product security principles, especially related to open-source projects, Experience with cloud platforms such as AWS, Azure, or Google Cloud, Communication skills: Excellent verbal and written communication abilities for cross-functional collaboration, Stakeholder Management: Ability to define project objectives and collaborate closely with stakeholders, Project Planning: Skills in developing and maintaining comprehensive project plans, Who You Are: A proactive and detail-oriented leader who can manage complex projects and drive them to successful completion, An excellent communicator who can effectively collaborate with cross-functional teams and stakeholders, A strategic thinker with a strong understanding of product security and data engineering principles, A problem solver who can identify challenges and implement effective solutions, A continuous learner who stays updated with the latest industry trends and best practices, The Team Youll Be A Part Of: This role helps Synopsys build products securely and be compliant with security standards The EPMO team provides program management support to all the Synopsys Central Engineering programs and initiatives The main focus of this role would be to ensure product security compliance and provide program management support to Data Engineering initiatives in Synopsys Central Engineering,

Project Role : Security Engineer Project Role Description : Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Must have skills : Product Security Good to have skills : NA Minimum 3 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Engineer, you will apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. You will provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Your typical day will involve utilizing your expertise in product security to ensure the security of our systems and data, identifying vulnerabilities, and implementing effective security measures. Roles & Responsibilities: Expected to perform independently and become an SME. Required active participation/contribution in team discussions. Contribute in providing solutions to work related problems. Identify vulnerabilities in systems and applications and develop strategies to mitigate risks. Implement and maintain security measures to protect systems and data. Conduct security assessments and audits to identify potential threats and weaknesses. Collaborate with cross-functional teams to ensure security best practices are implemented. Stay up-to-date with the latest security trends and technologies. Assist in incident response and recovery efforts. Provide guidance and support to junior security professionals. Professional & Technical Skills: Must To Have Skills:Proficiency in Product Security. Experience with threat modeling and risk assessment methodologies. Strong understanding of network security protocols and technologies. Knowledge of secure coding practices and vulnerability management. Familiarity with security frameworks and compliance standards. Good To Have Skills:Experience with cloud security technologies. Experience with security incident management and forensics. Knowledge of encryption algorithms and cryptographic protocols. Additional Information: The candidate should have a minimum of 3 years of experience in Product Security. This position is based at our Pune office. A 15 years full time education is required. Qualifications 15 years full time education

Project Role : Security Delivery Lead Project Role Description : Leads the implementation and delivery of Security Services projects, leveraging our global delivery capability (method, tools, training, assets). Must have skills : Product Security Good to have skills : NA Minimum 12 year(s) of experience is required Educational Qualification : 15 years full time education Summary :AI Security Architect – Enterprise AI Strategy, Scalable ML Platforms, and Secure AI DesignWe are looking for a seasoned and visionary AI Architect with 12+ years of experience in designing, securing, and leading scalable, responsible AI systems. This role blends AI solution architecture with security architecture and is ideal for professionals who bring together deep technical knowledge, strategic thinking, and a passion for trustworthy, ethical innovation.As an AI Architect, you will define the enterprise AI and security architecture, embed secure-by-design practices across AI platforms, and ensure alignment with privacy, compliance, and ethical standards across the entire ML lifecycle Roles & Responsibilities: Own the architectural vision for enterprise-wide AI and ML platforms, ensuring scalability, resilience, security, and regulatory compliance. Develop and maintain architectural blueprints for secure and responsible AI, covering areas such as bias mitigation, explainability, threat modeling, and data protection. Define and implement AI security architecture practices, including secure access to models, datasets, APIs, and ML pipelines. Collaborate with MLOps, engineering, DevSecOps, and cloud security teams to develop standardized, reusable, and secured AI infrastructure components. Ensure AI systems comply with global regulations and standards (e.g., GDPR, ISO 42001, NIST AI RMF, and ISO/IEC 27001). Evaluate and introduce tools and frameworks that support privacy-preserving AI, adversarial robustness, model security, and interpretability. Lead efforts to design and enforce secure AI development workflows, from data ingestion to model deployment and monitoring. Partner with Security Architects and Risk teams to identify and mitigate AI-specific attack surfaces, including adversarial attacks and model poisoning. Conduct risk assessments and threat modeling for AI systems, including LLMs, generative models, and federated learning architectures. Collaborate with internal InfoSec, Privacy, and Legal stakeholders to align AI initiatives with enterprise cybersecurity strategies. Establish monitoring and incident response guidelines for AI workloads, including model drift, data leakage, and compliance alerts. Lead and mentor a multidisciplinary team of AI engineers, ML architects, and AI security specialists. Drive cross-functional initiatives with stakeholders in cloud, legal, compliance, and business domains to ensure holistic AI strategy implementation. Serve as a strategic advisor on AI and ML security topics across various business units and projects. Support the development and enforcement of enterprise-wide AI security and governance policies. Lead architecture review boards focused on AI and ensure consistent application of best practices across AI platforms. Professional & Technical Skills: Strong experience designing and deploying secure, large-scale ML systems in cloud and hybrid environments. Deep understanding of secure development practices, identity and access management (IAM) for ML workloads, model versioning, and auditability. Familiarity with:oCloud-native security tools (AWS IAM, KMS, GCP Workload Identity, Azure Key Vault)oAI attack mitigation (e.g., adversarial training, input sanitization, model watermarking)oSecure MLOps and CI/CD for AIoTools for model explainability (SHAP, LIME), monitoring (Prometheus, Grafana), and compliance tracking. Experience with data privacy, encryption techniques (at rest/in transit/in use), and secure federated learning is a plus. Proven leadership in AI security architecture and secure ML engineering practices. Exceptional stakeholder communication and ability to advocate for responsible AI across technical and executive teams. Strategic mindset with an ability to balance innovation with risk mitigation. Strong documentation, risk assessment, and audit reporting skills in security-centric environments. Proven success in building and securing AI platforms with strong focus on privacy, ethical AI, and regulatory compliance. Additional Information:Bachelor's or Master's degree in Computer Science, Artificial Intelligence, Information Security, or related field.Industry certifications preferred: Cloud AI (e.g., AWS Certified Machine Learning – Specialty, GCP ML Engineer) Security (e.g., CISSP, CCSP, Certified AI Security Professional, TOGAF) 12+ years of experience in AI/ML solution architecture with 4+ years focused on AI security, governance, or compliance. This position is based at our Bengaluru office A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Delivery Lead Project Role Description : Leads the implementation and delivery of Security Services projects, leveraging our global delivery capability (method, tools, training, assets). Must have skills : Product Security Good to have skills : Google Cloud Data Transfer Minimum 12 year(s) of experience is required Educational Qualification : 15 years full time education Summary :GCP Security Architect – Cloud Security Strategy, Governance, and ArchitectureWe are seeking an accomplished GCP Security Architect with 12+ years of experience in cloud security architecture, threat modeling, and governance across enterprise-scale environments. This strategic role involves defining secure cloud architecture standards, driving security-first GCP adoption, and automating risk mitigation initiatives across business units. Roles & Responsibilities: Define and implement enterprise-wide GCP security architecture strategy. Design and implement secure GCP architectures aligned with business and compliance needs. Lead design reviews covering IAM (IDP, SSO, MFA), VPC security, VPNs, data encryption, and secure interconnects. Implement Cloud Armor, Cloud Security Command Center, and threat detection pipelines. Conduct threat modeling, risk analysis, and vulnerability assessments for high-impact platforms. Define automated controls and audit checks using Terraform, Cloud Shell, and GCP APIs. Ensure monitoring, logging, and auditing using Cloud Operations Suite. Lead enterprise security design and architecture governance forums. Mentor a team of cloud security professionals and guide platform standardization. Represent GCP security strategy to CISO teams, compliance leadership, and auditors. Define secure-by-design templates and enforce zero-trust access architectures Professional & Technical Skills: Excellent communication skills, including the ability to convey complex security concepts to technical and non-technical stakeholders. Demonstrated proficiency in autonomously managing client relationships with a high level of independence and accountability. Experience of effectively leading teams of various sizes, ranging from small to large, and actively contributing to their skill development and upskilling. Ability to manage multiple tasks and deadlines. Expertise in GCP IAM roles, Identity Federation, and Policy Troubleshooting. Advanced knowledge of VPC SC, KMS, security perimeters, and encryption standards. Hands-on with IaC tools like Terraform, Cloud Shell scripting, and GCP-native tools. Strong understanding of networking protocols, encryption, and authentication mechanisms. Confident communicator with executive presence. Proactive leader capable of owning enterprise transformation initiatives. Strategic thinker with deep technical foundations. Additional Information:Bachelor's or master's degree in engineering or computer science, Information Security, or a related field.Certifications such as Google Cloud Certified – Professional Cloud Security Engineer is a must; CISSP or CCSP preferred. 12+ years in security, including 5+ years specifically with GCP. This position is based at our Bengaluru office A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Product Security Good to have skills : Security Architecture Design Minimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As an Automotive Cybersecurity Engineer, you will implement and validate security controls across in-vehicle systems, ensuring protection of ECUs, telematics units, and connected vehicle infrastructure. You will contribute to threat modeling and diagnostics hardening efforts, support penetration testing activities, and document the integration of cybersecurity measures in alignment with regulatory and technical requirements. Roles & Responsibilities: Support the development and implementation of cybersecurity controls across ECUs, telematics systems, and in-vehicle networks in alignment with ISO/SAE 21434 and company CSMS. Participate in security architecture and design reviews, contributing to the definition and validation of security requirements for embedded vehicle systems. Conduct and document threat modeling and risk assessments using methodologies such as HEAVENS, STRIDE, and custom attack graphs. Perform penetration testing and intrusion validation on in-vehicle protocols including CAN, DoIP, and Ethernet, as well as wireless interfaces such as Bluetooth and Wi-Fi. Assist in the execution of fuzz testing and vulnerability analysis using tools like CANoe, Wireshark, Scapy, and Python-based custom scripts. Contribute to the validation of secure boot mechanisms and assist in reverse engineering activities to verify firmware security compliance. Work with software and hardware teams to analyze security issues, identify root causes, and define corrective actions and mitigations. Maintain operational documentation, including test procedures, vulnerability logs, and mitigation tracking in compliance with regulatory requirements. Collaborate with cross-functional teams to integrate secure diagnostics, access control strategies, and key management protocols. Participate in internal assessments and support audit readiness for cybersecurity compliance frameworks such as UNECE WP.29 and ISO 26262. Professional & Technical Skills: Experience supporting in-vehicle cybersecurity programs with 8+ years in embedded or automotive systems development, including 3–4 years focused on penetration testing, diagnostics security, or secure ECU architecture. Hands-on experience conducting security testing and vulnerability assessments on vehicle communication interfaces such as CAN, DoIP, and Ethernet, as well as wireless protocols including Bluetooth, Wi-Fi, and cellular. Strong working knowledge of UDS diagnostics (ISO 14229), secure diagnostics access control, and protocol fuzzing techniques to uncover vulnerabilities in ECUs and vehicle gateways. Proficiency with security testing tools and platforms such as CANoe, Wireshark, Scapy, Python, and Ghidra for traffic analysis, custom scripting, and reverse engineering. Familiarity with cryptographic principles and practical usage of cryptographic libraries (e.g., OpenSSL, mbedTLS) and hardware security modules (HSM) for secure key storage, boot processes, and firmware authentication. Experience supporting OTA (Over-the-Air) update platforms and ensuring their secure integration using encryption, authentication, and rollback protection mechanisms. Exposure to cybersecurity development in Agile-based or V-model automotive environments, working collaboratively with software, systems, and validation teams. Knowledge of regulatory and compliance standards relevant to automotive cybersecurity, including ISO/SAE 21434, UNECE WP.29 (R155/R156), and functional safety (ISO 26262). Ability to document test cases, generate detailed security analysis reports, and provide engineering teams with clear recommendations and follow-up actions for mitigation. Demonstrated problem-solving skills and the ability to troubleshoot complex issues related to embedded systems security, communication integrity, and control system protection. Additional Information: 5+ years' experience implementing and performing Automotive Cybersecurity Experience with AUTOSAR (Classic/Adaptive), ECU firmware security, or secure telematics units. This position is based at our Bengaluru office A 15-year full-time education is required Good to have Certifications in ISO 21434, CISSP, CEH, OSCP, GICSP Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Product Security Good to have skills : Google Cloud Data Services Minimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :GCP Security Engineer / Associate Architect – Cloud Security Operations & EngineeringWe are looking for GCP Security Engineers / Associate Architects with 5+ years of experience in cloud security engineering and automation. This role supports operational security, control configuration, and secure design practices for GCP workloads. Roles & Responsibilities: Implement GCP security controls:IAM, VPC security, VPNs, KMS, Cloud Armor, and secure networking. Manage GCP identity and access, including SSO, MFA, and federated IDP configurations. Monitor workloads using Cloud Operations Suite and escalate anomalies. Conduct basic threat modeling, vulnerability scanning, and patching processes. Automate security audits and compliance controls using Terraform and Cloud Shell scripting. Assist architects in deploying and maintaining secure-by-default infrastructure. Support audit preparation, policy enforcement, and evidence gathering. Collaborate with cross-functional teams to resolve security alerts and findings. Maintain detailed technical documentation and knowledge sharing resources. Professional & Technical Skills: Working knowledge of IAM, KMS, GCP networking, and cloud policy enforcement. Familiarity with IaC tools (Terraform), scripting, and log analytics. Strong desire to grow in the cloud security domain. Good communication skills and proactive approach to problem-solving. Thrives in a fast-paced, learning-oriented environment. Additional Information:Bachelor's degree in Computer Science, IT, or Information Security.Certifications such as Google Cloud Certified – Professional Cloud Security Engineer is a must; Associate Cloud Engineer is a plus. 5+ years in security or cloud engineering, with at least 1–2 years in GCP. This position is based at our Bengaluru office A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Product Security Good to have skills : Security Architecture Design Minimum 12 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As an Automotive Cybersecurity Architect, you will define the end-to-end security architecture and strategy for in-vehicle systems, telematics, and cloud-connected services, ensuring alignment with regulatory requirements and industry best practices. You will also lead penetration testing efforts, document security controls across ECUs and communication interfaces, and guide the implementation of secure system designs across the vehicle ecosystem. Roles & Responsibilities: Define and implement end-to-end cybersecurity architecture for connected vehicles, ECUs, and backend services, ensuring alignment with ISO/SAE 21434, UNECE WP.29, and CSMS requirements. Develop secure communication and firmware update frameworks, supporting over-the-air (OTA) updates and in-vehicle data integrity. Perform threat modeling and risk analysis using industry-standard methodologies such as HEAVENS, STRIDE, and attack trees to identify vulnerabilities across vehicle networks and interfaces. Guide the definition of mitigation strategies and ensure full traceability between threats, assets, and controls throughout the development lifecycle. Plan and lead security validation activities, including advanced penetration testing and fuzzing of vehicle interfaces (CAN, DoIP, Ethernet, Bluetooth, Wi-Fi, Cellular). Create and maintain documentation for test cases, tooling, security controls, and validation outcomes across ECUs and connected modules. Collaborate with cross-functional teams to drive secure design practices in diagnostics, boot process, and firmware integrity verification. Conduct vulnerability assessments using tools such as CANoe, CANalyzer, Wireshark, Ghidra, and custom analysis scripts, and support remediation planning. Lead red team exercises and security reviews in coordination with product security and development teams. Represent cybersecurity in internal audits and regulatory assessments, ensuring alignment with WP.29 R155/R156 and ISO 26262. Work with suppliers and partners to evaluate and integrate security solutions aligned with evolving vehicle cybersecurity requirements. Professional & Technical Skills: Extensive experience (12+ years) in embedded and automotive systems, with over 6 years specializing in automotive cybersecurity strategy, architecture, and threat analysis. Hands-on experience designing and executing penetration testing of automotive systems, including ECUs, ADAS, telematics, infotainment, and V2X components, across in-vehicle networks and external interfaces. Strong knowledge of in-vehicle communication protocols such as CAN, LIN, FlexRay, DoIP, and automotive diagnostic protocols (UDS), as well as wireless technologies including Bluetooth, Wi-Fi, and Cellular. In-depth understanding of secure communication protocols and cryptographic standards, including TLS, MACsec, AES, RSA, ECC, and Public Key Infrastructure (PKI) for automotive applications. Proven experience in designing and implementing Secure Boot, Secure OTA (Over-the-Air) update mechanisms, and ECU firmware authentication using HSMs and trusted execution environments. Demonstrated ability to conduct and lead threat modeling and risk assessments using HEAVENS, STRIDE, attack trees, and DFD methodologies in compliance with ISO/SAE 21434. Familiarity with regulatory and compliance frameworks such as UNECE WP.29 (R155/R156), CSMS, and ISO 26262, and practical experience aligning security activities to these standards. Proficiency in security validation tools and platforms including Canoe, CANalyzer, Wireshark, Ghidra, Scapy, and custom-built tools for binary analysis, fuzzing, and reverse engineering. Experience guiding vulnerability remediation efforts across hardware and software development teams in an Agile or V-model development environment. Strong technical documentation skills and the ability to translate complex cybersecurity concepts into actionable guidance for engineering and compliance teams. Capable of engaging with external vendors, regulatory bodies, and cross-functional stakeholders to align security requirements, audits, and certifications. Additional Information: 7+ years' experience implementing and performing Automotive Cybersecurity This position is based at our Bengaluru office A 15-year full time education is required Good to have Certifications in ISO 21434, CISSP, CEH, OSCP, GICSP Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Product Security Good to have skills : Google Cloud Data Services Minimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :GCP Security Architect – Solution Design, Compliance, and Security EngineeringWe are hiring GCP Security Architects with 7+ years of experience in designing secure GCP environments and integrating automated security across deployments. This role emphasizes applied engineering, platform security control implementation, and ensuring audit-ready, secure-by-default environments. Roles & Responsibilities: Design and implement secure, scalable GCP architectures. Configure and maintain IAM (roles, policies, IDP integrations, MFA, SSO). Establish secure configurations for VPCs, VPNs, Data Encryption (KMS), and Cloud Armor. Manage Cloud Security Command Center for visibility, governance, and incident response. Implement Cloud Operations Suite for logging, alerting, and security analytics. Conduct threat modeling, vulnerability assessments, and define remediation paths. Automate security checks and controls using Terraform, Cloud Shell, and CI/CD integrations. Collaborate with platform, DevOps, and risk teams to embed security into development lifecycles. Support audit preparation, policy compliance, and security documentation efforts. Review solution designs and assist with enforcing GCP security guardrails. Professional & Technical Skills: Analytical and detail-oriented with a strong problem-solving mindset. Strong communicator with cross-functional collaboration experience. Continuously stays updated with evolving cloud threat landscapes. Excellent communication skills, including the ability to convey complex security concepts to technical and non-technical stakeholders. Strong working knowledge of IAM, VPC SC, Cloud Armor, encryption practices, and security policy enforcement. Experience with Terraform, automated auditing, and log analysis tools. Additional Information:Bachelor's degree in engineering or computer science, Information Security, or a related field.Certifications such as Google Cloud Certified – Professional Cloud Security Engineer is a must; CCSP preferred. 7+ years in security roles, with 3+ years in hands-on GCP security delivery. This position is based at our Bengaluru office A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Product Security Good to have skills : Security Architecture Design Minimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As an Automotive Cybersecurity Specialist, you will support the implementation and validation of security measures across vehicle systems and embedded platforms. You will assist in penetration testing, contribute to threat analysis activities, and help ensure secure communication and firmware integrity in alignment with automotive cybersecurity standards. Roles & Responsibilities: Assist in the execution of penetration testing activities targeting ECUs, in-vehicle communication networks, and diagnostic services to identify common vulnerabilities and misconfigurations. Support the use of automotive security tools such as CANoe, Wireshark, Scapy, and basic fuzzing frameworks to simulate attacks and gather system responses for analysis. Collect and organize logs, analyze test outputs, and document findings to assist senior security engineers in remediation and tracking of identified issues. Execute validation of standard UDS diagnostic services, including support for testing access controls, session management, and secure diagnostic configurations. Participate in asset identification and support foundational threat modeling efforts, including contributing to risk assessments and mitigation tracking under guidance. Assist in documenting security design considerations and implementation steps in alignment with ISO/SAE 21434 and internal cybersecurity processes. Collaborate with cybersecurity, software, and validation teams to support the integration of security controls across vehicle platforms. Continuously learn and apply core concepts of automotive cybersecurity, including secure communication, ECU hardening, and regulatory standards like WP.29 and ISO 26262. Professional & Technical Skills: 5+ years of experience in embedded systems, automotive engineering, or related fields, with growing specialization in cybersecurity principles and practices. Familiarity with in-vehicle communication protocols including CAN, UDS, and DoIP, with hands-on exposure to using tools such as CANoe, Wireshark, and Scapy for traffic analysis and basic attack simulation. Foundational understanding of penetration testing methodologies, vulnerability identification, and the use of fuzzers to evaluate ECU communication robustness. Exposure to diagnostics security concepts, including secure diagnostic sessions, seed-key mechanisms, and access control layers for UDS services. Basic knowledge of cybersecurity frameworks and risk assessment methodologies such as STRIDE, HEAVENS, and ISO/SAE 21434. Experience contributing to documentation of test results, secure design inputs, and mitigation reports under guidance from senior cybersecurity engineers. Understanding of secure firmware update concepts and cryptographic basics, including symmetric/asymmetric encryption, HSM usage, and key management fundamentals. Experience working in Agile or V-model development environments, collaborating with cross-functional teams including validation, software, and systems engineering. Demonstrated eagerness to learn new cybersecurity tools, standards, and technologies relevant to modern connected vehicle platforms. Strong analytical skills and attention to detail, with the ability to follow structured testing and security validation procedures. Additional Information: 3+ years' experience implementing and performing Automotive Cybersecurity Knowledge of tools like CANoe, Wireshark, or Ghidra. Basic understanding of ISO 21434, seed/key security, OTA updates, and cryptographic modules. This position is based at our Bengaluru office A 15-year full-time education is required Good to have Certifications in ISO 21434, CISSP, CEH, OSCP, GICSP Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Product Security Good to have skills : NA Minimum 12 year(s) of experience is required Educational Qualification : 15 years full time education Summary :AI Red Teaming Expert – Adversarial ML, Threat Simulation, and AI Security StrategyWe are seeking a highly experienced and visionary AI Red Teaming Expert 12+ years of experience across cybersecurity and machine learning. This role is ideal for professionals who thrive in dynamic environments and possess a passion for securing cutting-edge AI/ML systems. You will lead red teaming operations, simulate adversarial threats, and guide the organization's AI security posture at strategic and technical levels. The ideal candidate demonstrates deep technical expertise, exceptional leadership, and a keen understanding of adversarial machine learning and risk mitigation frameworks. Roles & Responsibilities: Define and execute the AI red teaming strategy across the organization. Simulate realistic and advanced adversarial attacks against AI/ML systems aligned with business contexts. Review AI/ML system architecture to identify security gaps and advocate for secure design patterns. Establish internal standards and workflows for AI threat modeling, risk assessment, and adversarial testing. Stay ahead of evolving adversarial ML threats and guide the development of defensive strategies. Contribute to secure development practices for model deployment pipelines and lifecycle management. Lead and mentor a specialized team of AI security analysts and red teamers. Represent AI security strategy in executive forums and drive cross-functional alignment. Collaborate with engineering, data science, compliance, and legal stakeholders to integrate security into AI innovation cycles. Drive internal policy-making efforts around responsible and secure AI development practices. Own and lead remediation initiatives, translating findings into actionable improvements across teams. Professional & Technical Skills: Exceptional communication and leadership skills with the ability to convey technical issues to non-technical stakeholders. Proven experience managing high-impact security initiatives and leading diverse teams. Strategic thinker capable of aligning AI security objectives with business goals. Passionate about AI safety, responsible innovation, and emerging threat landscapes. Strong analytical and problem-solving skills in high-pressure environments. Hands-on expertise in red teaming AI/ML systems at scale. Strong understanding of adversarial ML techniques, threat simulation tools, and AI model manipulation tactics. Experience implementing and aligning with frameworks such as OWASP Top 10 for LLMs, ISO 42001, NIST AI RMF. Proficiency in AI/ML pipeline security, model risk evaluation, and secure MLOps practices. Familiarity with deep learning frameworks (e.g., TensorFlow, PyTorch) and their associated vulnerabilities. Demonstrated ability to design, execute, and scale red teaming programs in AI-native environments. Additional Information:Bachelor's or Master's degree in Computer Science, Information Security, Machine Learning, or related field.Recognized certifications such as CEH, OSCP, CISSP, or credentials specific to AI security (e.g., MITRE ATLAS experience) are a plus. 12+ years of experience spanning cybersecurity, AI/ML, and adversarial testing This position is based at our Bengaluru office A 15 years full time education is required. Qualification 15 years full time education

Job Area: Engineering Group, Engineering Group > Software Engineering General Summary: Overview The Secure Systems Group (SSG) Product Engineering team is responsible for leading a chipset bring up activities starting from Pre-Silicon phase to commercialization and bring the processes that improve overall execution efficiency in chipset execution in organization . Minimum Qualifications: Bachelor's degree in Engineering, Information Systems, Computer Science, or related field and 2+ years of Software Engineering or related work experience. OR Master's degree in Engineering, Information Systems, Computer Science, or related field and 1+ year of Software Engineering or related work experience. OR PhD in Engineering, Information Systems, Computer Science, or related field. 2+ years of academic or work experience with Programming Language such as C, C++, Java, Python, etc. Preferred Qualifications: Bachelor's/master's degree in engineering, Information Systems, Computer Science or related field. Responsibilities Experience in security software development. Hands on C programing for embedded platforms on ARM / RISCV processors. Expert understanding of and experience with SMC call implementation and ARM Trace32. Handle increased complexity and ambiguity of new, exploratory, multi-domain, or multi-disciplinary tasks. Strong technical expertise and ownership for the modules owned with limited direction and oversight. Analyze product requirements, identify impacted areas, derive requirements, and produce suitable designs. Independently represent the team to internal and external stake holders / partners on their area of responsibility. Collaborate within and cross functional teams as required to ensure quality work products are delivered. Keep oneself up-to-date with industry trends and technology developments around the related areas of work. Responsible and accountable for timeliness and quality of own deliverables and work products and that of the team. Minimum Qualifications Bachelor's / Master's degree in Engineering, Information Systems, Computer Science, Electronics or related field. Minimum 4 + years of exp. in Software development preferably in Embedded and programming in C / Assembly. Strong understanding of Embedded hardware, Computer Architecture and Operating System concepts. Good understanding of OS concepts such as tasks, signals, timers, priorities, deadlocks, stacks, etc. Understanding of RTOS fundamentals like multi-threading, interrupt management, cache/memory management etc. Experience with code versioning tools (git / perforce) build tools (Makefiles/SCons), and debuggers like JTAG. Experience in leading and driving software development activities independently and working with multiple teams. Experience in managing software projects across all phases like Requirement analysis, Design and validations. Good understanding of Software Security Concepts, Public Key Cryptography, ARM Trust zone, Virtualization etc. Good communication skills & ability to work with engineers, partners & customers across cultures / geographical sites Good expertise and experience on product security for embedded devices, which may include a subset of the following skillsets Trusted execution environment. Debugging overall system level issues using ARM Trace32. Experience in working on Qualcomm snapdragon chipsets (If any). Device integrity & Authentication, OS level Secure use-cases knowledge. Protected virtualization Embedded/real time OS security, Vulnerability detection methods, Hardware access control, Secure provisioning and debug,

At F5, we strive to bring a better digital world to life. Our teams empower organizations across the globe to create, secure, and run applications that enhance how we experience our evolving digital world. We are passionate about cybersecurity, from protecting consumers from fraud to enabling companies to focus on innovation. Everything we do centers around people. That means we obsess over how to make the lives of our customers, and their customers, better. And it means we prioritize a diverse F5 community where each individual can thrive. Our technologies are at the heart of modern applications that are enabling digital transformation across the globe! We give the world’s largest businesses, service providers, governments, and consumer brands the ability to securely deliver every app, anywhere—with confidence. We do this by working collaboratively in an innovative environment, helping each other succeed. We take extraordinary pride in being trusted advisers to our customers, offering the best solutions for their interests. If our mission and culture excite you, we would love to talk with you! We are seeking a Distributed Cloud Support Engineer II who is hardworking and committed to customer success. You are comfortable in both the Support and Engineering environments, translating technical documentation and conversations into clear, concise directions for customers and partners. You are passionate about helping our customers tackle and solve problems. You will provide support via phone, email, messaging, and web portal. Support requests range in complexity from "how to" questions through involved debugging and forensic efforts when prioritizing operational issues. Visualizing problems remotely is key to being successful in this role along with excellent analytic and troubleshooting skills. You will have a significant career growth opportunity within a fast-paced SaaS company. What will you do? Fix reported issues and advocate for the customer. Collaborate with sales and engineering teams to provide support to resellers, service provider and enterprise customers, as well as end users via telephone, e-mail, Slack and the web portal. Issue reproduction and concise documentation of solutions provided through technical notes, case studies and knowledge base articles. Critical issue management and customer assurance when handling reported issues. Coordinate fixes by Engineering or Developers when required and relay appropriate information to our partners and customers. Provide recommendations on how to improve supportability, reliability, availability, and serviceability based on lessons learned through issue resolution. Training and enabling our service partners to ensure that they can sufficiently support customer issues. How do you qualify? 2 or more years of experience working in an operations environment. Background in customer service/support and IT, networking, or IT security incident management. Experience driving efficiencies, handling growth, and delivering results. Good understanding of IT, Network, or IT SOC best practices and a real passion for continuous improvement. Strong organizational skills and work well with contacts in various business subject areas. Conversationally and technically fluent in English verbally and written. Advantageous to have: Strong understanding of Networking and Layer 7 Protocols. Familiarity with Container technologies (Docker and Kubernetes). Knowledge of Data Representation types (XML, JSON, YAML). Public cloud experience with Amazon Web Services (AWS), Google Cloud Platform (GCP) and/or Microsoft Azure is preferred. Security product/solutions experience (Firewalls, WAFs, DDoS Mitigation) is preferred. Strong troubleshooting skills, independent and collaborative. Approachable disposition and steadfast in delivering. Ability to prioritize and multitask when leading sophisticated technical issues. Proven understanding of routing and switching technologies. Ability to read different scripting and automation languages (Python, Shell and Ansible). Bachelor’s degree in technologically relatable field or equivalent practical experience. Physical Demands and Work Environment This role requires availability outside normal business hours to align with the distributed team or to respond to critical security events. Some travel may be required (less than 10%). The About The Role is intended to be a general representation of the responsibilities and requirements of the job. However, the description may not be all-inclusive, and responsibilities and requirements are subject to change. Please note that F5 only contacts candidates through F5 email address (ending with @f5.com) or auto email notification from Workday (ending with f5.com or @myworkday.com ) . Equal Employment Opportunity It is the policy of F5 to provide equal employment opportunities to all employees and employment applicants without regard to unlawful considerations of race, religion, color, national origin, sex, sexual orientation, gender identity or expression, age, sensory, physical, or mental disability, marital status, veteran or military status, genetic information, or any other classification protected by applicable local, state, or federal laws. This policy applies to all aspects of employment, including, but not limited to, hiring, job assignment, compensation, promotion, benefits, training, discipline, and termination. F5 offers a variety of reasonable accommodations for candidates . Requesting an accommodation is completely voluntary. F5 will assess the need for accommodations in the application process separately from those that may be needed to perform the job. Request by contacting accommodations@f5.com.