Job Description

:The Application and Product Security Engineer is responsible for evaluating, communicating, and managing the security risk of individual application projects. The Security Analyst is expected to have a thorough understanding of complex IT systems, embedded devices, applications, cloud systems and stay up to date with the latest security standards, systems, and authentication protocols, as well as best practices and emerging technologies. The ideal candidate will have hands on experience with CI/CD pipelines, static and dynamic code analysis, and industry security frameworks such as OWASP SAMM, and will be a strong communicator. They will be responsible for detecting product and application security threats as well as areas of weakness in products and applications for improvement.This role will support for the members of the Application and Product Security team when it comes to architectural support and technical guidance on security issues. The analyst will also be required to consult directly with the product and application development teams on security topics as they design and develop hardware devices and supporting services.This position will be primarily based out in Thane, INDIA, and will consistently work under the guidance and processes of global security team and will support all the regional as well as global engineering groups. The Analyst will be expected to use their knowledge and experience to further develop internal secure processes and procedures.Key DutiesIn addition to anticipating possible security threats and identifying areas of weakness, the Application and Product Security Engineer must:\xc2\xb7 Act as security design authority for projects within the Vertiv portfolio. Engage from the ideation through the system development lifecycle in project execution\xc2\xb7 Support the implementation of security processes and best practices that support the products, applications, and services operating environment\xc2\xb7 Drive alignment and governance across the various architectural domains\xc2\xb7 Review current system security measures and recommend and implement enhancements\xc2\xb7 Work successfully in a global organization with onshore as well as offshore resources\xc2\xb7 Build a culture of security awareness, and identify training gaps and needs to ensure security policies are adhered to at all times.\xc2\xb7 Support a standard QA process with the product development teams.\xc2\xb7 Support product certification process.\xc2\xb7 Support standard security testing labs.\xc2\xb7 Support automated security testing.Requirements:A Bachelor\'s Degree in Information Technology, Computer Science or related field is highly desirable.\xc2\xb7 Additional advanced security qualifications such as CISSP (Certified Information Systems Security Professional) certification, CEH (Certified Ethical Hacker) or equivalent are ideal.\xc2\xb7 Three (3+) years of experience in application security and/or security operations, with a focus on automation, performance, and reliability\xc2\xb7 Solid understanding of security protocols, cryptography, authentication, authorization, and security\xc2\xb7 Good working knowledge of current IT risks and experience implementing security solutions\xc2\xb7 Ability to interact with a broad cross-section of personnel to articulate and enforce security measures\xc2\xb7 Excellent written and verbal communication skills as well as business acumen\xc2\xb7 Strong technical documentation, diagramming, and presentation skills\xc2\xb7 Strong leadership, vision, effective communication and goal-oriented\xc2\xb7 Strong ability to establish partnerships and influence change and achieve results within dynamic environment\xc2\xb7 Meaningful technical contributions into the development lifecycle of a product, application and service has context menu

Vertiv