Senior Product Security Engineer

Description

• Provide support to cross-functional teams with a high attention to detail.
• Research, analyze, and document security findings.
• Conduct security assessments, threat modeling, and vulnerability reporting.
• Develop security architecture patterns for new solutions and products.
• Perform application security reviews to identify and validate vulnerabilities and attack chains.
• Communicate findings, attack paths, and recommendations to technical and executive stakeholders through reports and presentations.
• Develop and maintain penetration testing methodologies.
• Support secure software development lifecycle activities across multiple security domains.
• Participate in requirements gathering, secure coding and configuration, software testing, and third-party component and defect management.
• Serve as a point of contact for secure development and security best practices.
• Embed security gates into existing SDLC processes and leverage automation when possible.
• Drive standards, practices, and processes to track adherence to application security requirements and best practices.
• Serve as the security authority for assigned products and ensure vulnerabilities are fixed within SLAs.
• Embed s-SDLC controls in assigned products and act as control owner for a subset of controls.
• Perform domain-specific threat modeling, attack surface analysis, and attack surface reduction.