Specialist I - Product Security and Privacy - RQO-167

Specialist I - Product Security and Privacy - RQO-167

03 May
Bangalore Rural

03 May


Bangalore Rural

Job Description

This role, embedded in to product development life cycle will ensure- Secured by Design, Privacy by Design and Threat modelling aspects are carried out as part of Secured Software Development Life Cycle.

Individuals in this role will engage with Architects, Technical leads and R&D; Engineering & Development teams to ensure the security and privacy considerations are considered well in advance during the product development cycle. They will review the High-level design, Low-level design and System specification documentation for security consideration and sign them off before the development happens.

They also collaborate with architects to arrive at appropriate security and Privacy solutions balancing the risks and the business impact.

Specific job responsibilities include:

- Assess the security for software/Product architecture – guide the product architects to ensure security is built in to at the design level itself

- Assist Philips business units in the development and implementation of product security and Privacy practices including policies, standards, guidelines, and procedures.

- Participate in, release Plan events, Scrum meetings, Product demos, product design and architectural discussion to ensure Security and Privacy throughout the development lifecycle

- Verify that security and privacy requirements defined in the security plans, policies, and procedures are followed and protection measures are functioning as intended.

- Conduct security and privacy reviews to determine compliance.

- Guide the business unit in their management of the resolution of security audit or review findings.

- Provide security risk management and security advice as well as advice on strategic direction relating to product and information security.

- Work with deployment/operations information security officer to proactively and cooperatively communicate and mitigate risks.

- Assist with security incidents and review risk and impact of breaches to protected systems.

- Participate in architecture and design of services providing information and product security advice.

- Review proposed services, engineering changes, and feature requests for security implications and needed security controls.

- Ensure risk reports and KPIS to the management

Required experience

- ~5+ years of security experience including responsibility for the security of a software application and IT infrastructure including defining product security roadmap

- Product/Information security experience in all phases of service development and deployment including architecture, design, development, testing, release, and operational maintenance

- Incident management, including analysis and response

- Experience in designing security solutions.

- Experience in assessing security of-iaas, paas, saas platforms would be helpful

- Sound understanding of Cryptography, various Encryption Algorithms, Public key Infrastructure (PKI) and Certificate Authority (CA).

- Global working experience in enterprise application development & Cloud Computing

- Technical leadership experience in the Software Security field.

- Experience and knowledge of penetration testing methodologies and tools.

- Conducting information security analyses, audits, and reviews

Preferred experience

- Experience in the healthcare sector and HIPAA

- Experience leading change management systems

- Experience with NIST 800-53

- Ideal candidate would have worked on the software development initially and then graduated in to either -S/W architecting/security assessments ensuring security in the product design

Required skills

- Excellent Cyber Security capabilities

- Strong knowledge of secure software development lifecycle and practices such as threat modelling, security reviews, penetration tests, and security incident response 

- Understanding of security by design principles and architecture level security concepts

- Exposure to privacy requirements

- Up to date knowledge of current and emerging security threats and techniques for exploiting security vulnerabilities 

- Excellent communication and leadership skills 

- Strong interpersonal skills with the ability to facilitate diverse groups, help negotiate priorities, and resolve conflicts among project stakeholders 

preferred skills

- Sound security engineering knowledge ( technical) so as to work collaboratively with the Tech Leads and software/products architects to ensure secure Products

- Knowledge of information system architecture and security controls (e.g., firewall and border router configurations, wireless architectures, specialized appliances)

- Sound implementation Knowledge of Cryptography, various Encryption Algorithms, Public key Infrastructure (PKI) and Certificate Authority (CA), OATH authentication, 2FA

required certifications

- Certifications in security and privacy demonstrating deep practical knowledge such as CSSLP, CISSP, CISM, CIPP, CIPT, CIPM,or SABSA


The original job offer can be found in Kit Job:

Reply to this offer

Impress this employer describing Your skills and abilities, fill out the form below and leave Your personal touch in the presentation letter.

Subscribe to this job alert:
Enter Your E-mail address to receive the latest job offers for: specialist i - product security and privacy - rqo-167
Publish a new Free Offer
Need to publish an offer? With more than 1 million unique users per month, you will find the ideal candidate for your company instantly, what are you waiting for!
Publish Now

Subscribe to this job alert