4 Security Assurance Jobs

As a Hardware/Firmware Product Security Engineer at Sandisk, you will play a crucial role in the Product Security Assurance team focusing on security considerations for Client and Enterprise storage products, specifically Solid State Drives (SSDs) incorporating hardware and firmware components. Your responsibilities will include providing clear technical guidance and risk mitigation advice to engineering and business leaders across various levels. You will contribute to evolving secure development practices at Sandisk to align with dynamic market trends, standards, and regulatory requirements. Throughout the product development lifecycle, you will offer expert advice on secure development practices, assess security risks, conduct threat modeling activities, and validate security requirements at both component and system levels. Your role will involve leading security risk assessments, guiding threat modeling activities, and participating in the validation of security requirements. The ideal candidate for this position has a strong background in architecting and developing hardware/firmware solutions that adhere to the highest cybersecurity standards. If you are highly motivated, passionate about technology, and committed to staying abreast of the latest industry trends and technologies, we invite you to join our collaborative team to innovate the next big thing in data! Qualifications: Basic Qualifications (Required Skills & Experience): - Bachelor's degree or higher in Computer Science, Engineering, or a relevant field from an accredited college/university - Designing and engineering security requirements and controls for HW/FW (storage experience is a plus!) - Familiarity with cybersecurity standards and best practices - Security architecture design and integration for hardware and firmware - Understanding of low-level hardware-software interactions, such as storage in flash, RAM, or cache - Proficiency in security threats, risk assessments, threat modeling, risk mitigation, and incident reporting - Experience working with cryptographic protocols/libraries Typical Minimum Experience Preferred (Desired Skills/Experience): - 5-7 years of related experience preferred - 3+ years of embedded hardware/software design and development - Knowledge of FIPS 140 - Experience in real-time software development, vehicle electronics and controls, embedded systems design, application security, penetration testing, or incident response - Experience with embedded software development is an added advantage Sandisk values diversity and is committed to maintaining confidentiality in accordance with EEO guidelines.,

Are you ready to power the world's connections If you don't think you meet all of the criteria below but are still interested in the job, please apply. Nobody checks every box - we're looking for candidates that are particularly strong in a few areas and have some interest and capabilities in others. Kong is establishing a global Customer Assurance team that will play an important role in helping Kong gain and keep the trust of its customers around the world with respect to its information security, operational resilience, and data governance practices. Reporting to Kong's US-based Director, GRC, the Customer Assurance Senior Manager will be the first hire into this India-based team and will play an important role in helping build the team. Manage Customer Assurance: Oversee customer assurance initiatives, focusing on completing customer security questionnaires, RFP security sections, certification documentation sharing, and other due diligence requests to build trust in Kong's product and service security. Lead the customer assurance team and communicate program issues to leadership as needed. Ensure a deep understanding of the product and maintain a well-organized library of resources. Coordinate Cross-Functional Responses: Serve as the primary point of contact for customer security and compliance inquiries. Collaborate with internal teams (Compliance, Security, Engineering, Legal, etc.) to gather necessary information and provide thorough, prompt, and accurate responses to customer questionnaires and inquiries. Develop Scalable Processes: Create and refine processes to efficiently handle questionnaire completion and information security inquiry responses. Maintain a repository of standard answers, templates, and documentation to enhance efficiency and consistency. Leverage tools or automation to manage repetitive questionnaire content. Proactive Customer Assurance: Produce and maintain customer-facing security documentation and collateral (such as FAQ and trust portal content). Anticipate and address common customer questions proactively to build trust. Cross-Department Collaboration: Work closely with global Sales and Customer Success teams during pre-sales and renewal cycles to address security and compliance questions. Attend customer calls as the company's Customer Assurance representative, providing clear explanations of our security posture and practices to shorten sales cycles and reassure customers. Program Monitoring and Improvement: Track and report on customer assurance activities and metrics (such as questionnaire turnaround times, common security concerns, and customer feedback). Use these insights to continuously improve the customer assurance program, streamlining workflows, enhancing answer quality, and maintaining thorough and timely communication. What you'll bring: Experience: Over 5 years of experience in information security or compliance, with substantial involvement in security assurance or GRC programs. At least 1 year of experience in a customer-facing role, such as responding to client security questionnaires or participating in trust-building activities. Total professional experience is less than 15 years. Security Knowledge: Understanding of security and compliance frameworks/standards (such as SOC 2, ISO 27001, NIST, GDPR, CCPA). Working knowledge of cloud security principles and IT controls related to SaaS environments. Technical Skills: Expertise with cloud platforms such as GCP, Azure, or AWS, as well as containerization technologies like Docker and Kubernetes. Strong background in SaaS security. Non-Technical Skills: Experienced in creating clear and accessible documentation that explains complex technical scenarios to non-technical audiences. Process Management: Ability to manage multiple requests simultaneously and meet deadlines. Experience maturing customer assurance processes, such as implementing tools for security questionnaire automation or knowledge bases. Experience developing or improving processes to increase efficiency is a plus. Communication Skills: Ability to translate complex security concepts into clear, customer-friendly written and verbal communication. Comfortable interacting with enterprise customers and internal stakeholders. Collaboration: Ability to collaborate effectively with diverse groups (engineering, legal, sales, etc.) through proactive and customer-service-focused approaches. Education: Bachelor's degree in Information Security, Computer Science, or a related field (or equivalent work experience). This opportunity requires you to work from our office in Bangalore, India in a hybrid manner with three days in the office and two days working from home. Preferred Qualifications: Certifications: Professional certifications such as CISSP or CISA (preferred but not required). SaaS/Industry Experience: Experience working in a SaaS company, especially in cloud services or API management. About Kong: Kong Inc., a leading developer of cloud API technologies, is on a mission to enable companies around the world to become API-first and securely accelerate AI adoption. Kong helps organizations globally - from startups to Fortune 500 enterprises - unleash developer productivity, build securely, and accelerate time to market. For more information about Kong, please visit www.konghq.com or follow us on X @thekonginc.,

You should have a minimum of 12 years of experience in Sales, Consulting, or Presales in the cybersecurity domain. A consultative problem-solving services-oriented, solution-led approach and experience are preferred. Your demonstrated ability for consultative sales in the cybersecurity domain should be targeting CISO/CXOs. Skills in areas of risk advisory and various cybersecurity frameworks, along with an understanding of the cybersecurity OEM ecosystem and dexterity in crafting winning services proposals are critical. Expertise in any core security element of Device Management, Network Security, Zero Trust Frameworks, and Managed Detection and Response (MDR) Services is required. Knowledge in Data Security and Privacy, various Industry compliance Frameworks from SEBI, RBI, IRDA, DPDP, Security Assurance, and Cloud Security areas is essential. You should have proven expertise and experience in crafting complex managed security services (MSS) proposals which include multiple cybersecurity domains like network security, device management, security operations, SOC services, etc. Reviewing technology designs with technology architects and engineers while considering local and regional regulatory requirements is part of the role. Experience with assessment of a comprehensive and broad set of security technologies and processes, data protection, identity and access management (IAM), network security within SaaS, IaaS, PaaS, and other cloud environments is necessary. Additionally, expertise in Infra security architecture and any subject matter expertise within network infrastructures and perimeter security technologies such as firewalls, load balancers, WAF, CASB, proxies, SDN, DNS, and DDOS solutions is expected. A solid grasp of private/hybrid/public clouds and legacy IT infrastructures is required. You should be highly familiar with public and private cloud technologies (e.g., AWS, Azure, GCP, VMWare, etc.) and their Security offerings, preferably based on certifications and some hands-on experience. Maintaining in-depth knowledge of the competition's offerings and strategies is important. You will lead the development of integrated solutions, including terms and conditions, to create a final customer proposal. An understanding of emerging technologies & trends like XDR, MDR, CASB, SASE, Microservices, Kubernetes, containers, Intelligent Automation, DevSecOps, Zero Touch, etc., is preferred. A Bachelor's degree or Master's degree is also desirable for this role.,

Role & responsibilities Minimum 2 years of team management experiences. Minimum 4 years of experience in Networking related field with network project experience Minimum 6 years of IT experience. Multinational Corporation networking experience is preferred Experience of administering a medium-sized network (750+ nodes) is preferred Sound knowledge of System and Networking Technologies: Switches, Routers, Hubs, Servers, Cables, Racks, Firewalls, LAN, WAN, TCP/IP, DNS, UDP, Latency, QoS, BGP, OSPF, MPLS, DHCP, ACLs, GRE, IPSec VPN, IDS Basic Windows server and Linux server knowledge Communicating effectively Pursuing excellence Strong leadership capability Good project management skills Good English skills (verbal and written) Preferred candidate profile