Product Security Engineer Job Description
Product Security Engineer Duties & Responsibilities
To write an effective product security engineer job description, begin by listing detailed duties, responsibilities and expectations. We have included product security engineer job description templates that you can modify and use.
Sample responsibilities for this position include:
Product Security Engineer Qualifications
Qualifications for a job description may include education, certification, and experience.
Licensing or Certifications for Product Security Engineer
List any licenses or certifications required by the position: CISSP, CSSLP, PMP, CCSP, GIAC, OSCP, IAM, GWAPT, SANS, HCISPP
Education for Product Security Engineer
Typically a job would require a certain level of education.
Employers hiring for the product security engineer job most commonly would prefer for their future employee to have a relevant degree such as Bachelor's and Master's Degree in Computer Science, Engineering, Computer Engineering, Technical, Education, Information Systems, Information Security, Electrical Engineering, Software Engineering, Technology
Skills for Product Security Engineer
Desired skills for product security engineer include:
Desired experience for product security engineer includes:
Product Security Engineer Examples
Product Security Engineer Job Description
- Work across project and technology boundaries to promote integrated solutions based on open source products
- Demonstrates working knowledge of systems and products and how they are secured in customers' businesses
- Diagnoses and corrects routine security issues in addition to maintaining associated security controls such as antimalware solutions, system policies, procedures, authentication, and authorization controls
- Serves as the technical Subject Matter Expert (SME) and provides Level III technical support within the extended Service Team around the world, during product installation, repair, troubleshooting and maintenance to internal customers
- Acts as liaison between Service and other functions to determine root cause issues and provides feedback on product design and performance to drive product improvements
- Provides technical input to the development and maintenance of training programs
- Prepares formal written reports/documents/presentations to communicate with a wide-range of audiences, including senior leadership, external stakeholders and World Wide field service team members
- Represents WW TSS on new/sustaining product development teams and drives to improve Product Security
- Develops, implements and maintains worldwide customer support strategy for new and existing products based on the changing Global IT regulations
- Maintains and enhances the departmental standards of performance and promotes a safe working environment throughout the organization
- You are independent and comfortable working in a fast-paced environment
- You use excellent communication skills, on both technical and non-technical issues
- Minimum 6 years in the field of security with 4+ years in security architecture design and review
- BS degree in Computer Science, Computer Engineering, Electrical Engineering, or other related engineering field is required
- Minimum of 5 years of experience in software development, systems & architecture concepts and designs
- Minimum of 5 years work experience in product development
Product Security Engineer Job Description
- Work on any number of security and identity related areas and products
- Build systems for detecting anomalous activities within the product
- Coordinate the implementation of cybersecurity solutions with medical device development teams
- Serve as a subject matter expert for solutions, procedures and implementation of cybersecurity systems
- Develop innovative solutions to complex enterprise security platform problems
- Prepare and document departmental standard operating procedures
- Participate in product security risk assessments, hazard analysis, and assist product development engineers with vulnerability remediation
- Represent the product development team on product security incident response teams
- Participate in technical design reviews and code inspections, representing cybersecurity requirements
- Perform application vulnerability assessments
- Good working knowledge of Python and XML
- Functional knowledge of and experience with Ruby or XML are advantages
- Experience with Linux and deployment technologies such as Ansible, Puppet, or Chef
- Good organizational skills, with an ability to work independently with minimal supervision
- Ability to work as part of a geographically distributed team in close collaboration and regular communication with other team members
- Minimum of 3-5 years of Healthcare IT experience as an IT Product Security Subject Matter Expert (SME), preferably with medical instrumentation in a highly regulated, enterprise and global environment
Product Security Engineer Job Description
- Perform high level design work and documentation to support automotive Cyber Security implementation in Electric Power Steering Control Modules
- Traceability of customer requirements to system and component design requirements and test requirements
- Analyze system for vulnerabilities and design solutions to address them
- Support customer meetings to discuss and plan Cyber Security related activities
- Support test teams to validate Cyber Security functionality
- Develop software security guidance including training material, best practices, secure coding checklists, reuseable code
- Understand current and emerging threats in the cloud space
- Provide deep analysis of security issues
- Analyze different cloud partner deployments to assess risks and identify areas of concern
- Share vulnerabilities, flaws, mitigations, and their fixes through the entire update-release life cycle in the team's knowledge base
- Prior lab, hospital or other healthcare experience is required
- Must have demonstrated IT project management and team leading experience for a growing group
- Ideal candidate will be able to assess current product security status and make appropriate recommendations for improvement
- Proactively offers process, procedures and documentation for new product development and strategic long term planning
- Acts as a functional liaison and translates the business and technical requirements to internal customers
- Possesses strong interpersonal and customer service skills
Product Security Engineer Job Description
- Consulting in all areas of the Software Development Lifecycle applied to disparate software methodologies for example agile and waterfall models
- Delivering end-to-end security architecture and design consulting and auditing of connected network systems while ensuring product cyber-security best practices and requirements are maintained
- Delivering technological capabilities that automate security testing for example vulnerability management and penetration testing of Johnson Control products
- Perform regular code scanning, vulnerability & penetration tests to detect flaws and aid in the correction of the design prior to deployment to production
- Analyzing & evaluating product offerings for business cyber security risk impact and exposure, based on emerging security threats, vulnerabilities and risks
- Aid in product security incident and response triage
- Working closely with Research & Development, IT, PMO, Privacy and other functional area specialists to ensure adequate security solutions are in place throughout all products to mitigate identified risks sufficiently, and to meet business objectives and regulatory requirements
- Attend industry training, conferences and roundtable forums, for example OWASP AppSec, RSA, Black Hat, to stay up to date on latest technologies, evolving threats and build relationships in the industry to help the organization become a recognized leader in cyber security knowledge
- Represent Global Product Security and the overall product security technical services program on architectural boards, committees, review organizations and so forth
- Work with global teams across CCS and Otis to ensure commitment to the cyber security strategy of minimizing flaws and improving product resiliency to cyber attacks by ensuring adherence to the integrated secure development lifecycle process
- Knowledge of Windows networking fundamentals (IP protocol, switches, routers)
- Strong ability to troubleshoot hardware and software problems in a logical manner using both phone and direct communications with the internal clients
- Must be available to work occasional evenings and weekends as needed
- Ability to work effectively internally in a matrix organization
- Associates or Bachelors degree in Technology or Healthcare related field
- CISPP
Product Security Engineer Job Description
- Observe and support on day-to-day activities of the team
- Partake in a project to improve automation and efficiencies within the team
- Scope and perform application security reviews of our web applications, APIs, and architecture
- Provide our engineers with well-researched security advice to demonstrate vulnerabilities and provide secure development guidance
- Assist in the triage of vulnerabilities that are found internally, privately or publicly disclosed, or reported through our bug bounty program
- Produce research and collaborate with our peers in the broader infosec industry
- Write and promote secure development practices for our engineers
- Knowledge if Windows and Linux internals, multiple languages (PHP, Python, C++, C#, ), mobile and cloud-based technologies and architectures, and wireless testing methodologies
- Create unique dynamic (DAST) and static (SAST) solutions that enable teams to release secure software
- Challenging security minded software development creating unique and emergent data visualization products, assisting leadership to make informed risk based decisions
- Prior work experience in an application security role
- Bachelor’s degree in Computer Science, Information Systems, Electrical Engineering, or related technical field, or equivalent experience
- Experience implementing, evaluating, and developing cryptographic solutions
- Experience building scalable distributed systems
- BS/BA or above in Computer Science or related field
- BS degree in Computer Science or equivalent technology experience