Sr Product Security Analyst
Location: Chennai
Time Type: Full time
Job Description
Job Description Summary
As a key member of a global and matrixed design team, Sr Product Security Analyst is responsible for- Cyber security analysis of controllers, systems architectures for cyber security requirements.
- Lead the software and hardware penetration testing activates
- Work in Collaboration with development teams to improve SDLC process, OSS/SAST/DAST scans.
- Streamline SBOM generation.
- Lead the cyber security testing for GE Vernova Power Conversion products and analyze the reports and suggest remediation strategy.
- Identify Product vulnerabilities; rate and report to development team.
Job Description
Essential Responsibilities:
Lead reviews, suggest architectural changes, conduct tests to ensure systems, controllers, meet Cyber security requirements. Collaborates with a team of controls and system engineers developing operational software for various subsystems. The position requires a clear understanding of OT System, and conversant with all Cyber security requirements.
This role requires strong cooperation with system and subsystem teams necessary for command and control of the systems involved. The Security Analyst should be comfortable making design decisions in a sometimes-uncertain context, crafting innovative solutions, and demonstrating rigorous and decisive leadership. Work with multiple teams in different location to deliver Cyber secure software to meet customer requirements.
Roles and Responsibilities
You are a skilled Security Analyst who enjoys security work and is an expert in systems security, product / OT security and application security. In this role, you will be working with product managers, independent researchers, and in-house researchers to identify, rate, report and manage product vulnerabilities and incidents.
In this role, you will:
- Be responsible for providing technical leadership and defining, developing security within software in a fast-paced and agile development environment using the latest secure software development technologies and infrastructure.
- Work with Cyber Security Leaders and SMEs to understand product requirements.
- Hands on experience with penetration testing for software applications, Systems, Web Application, mobile application, controllers.
- Work on Cybersecurity tools like Wireshark, NESSUS and Burp Suite
- Experienced in different phases of Software Development Life cycle (SDLC) including Design, Implementation and Testing during the development of software applications.
- Assist security champions in completing Threat Modelling and Architecture Risk Analysis on product features.
- Perform Security Code Reviews, Vulnerability Analysis and research on application code.
- Coach and mentor developers to implement cryptography solutions securely (PKI, Code Signing, Stored Secrets, et cetera)
- Provide guidance and advice on writing secure code that meets standards and delivers desired functionality, using the technology selected for the project.
- Research new application security technologies and implement them to improve application security.
- Maintaining a backlog of security-related tools that will improve the maintainability and security of our code and the pace of development.
- Promote best practices based on OWASP Top 10, SANS Top 25, and the GE Vernova SDLC.
Education/Qualification
- Bachelor /master's degree in IT/computer science or relevant engineering or equivalent knowledge / experience with 6+ Years of Experience
- Strong understanding of fundamentals in networking, ethical hacking, cryptography, penetration testing, vulnerability analysis, risk assessment, threat modelling, cybersecurity standards like ISO 27000 and ISA/IEC 62443.
- Database RDBMS, MySQL NoSQL databases
- Software component: MS Visual Studio, MS Office, MS Visio, GitHub
- Linux and Windows OS
- Hands on experience with Enterprise Application and Web Application servers like Tomcat, and WLP.
Certifications like CEH, Offensive Security, PNPT will be an added advantage.
Additional Information
Relocation Assistance Provided: Yes
There are more than 50,000 engineering jobs:
Subscribe to membership and unlock all jobs
Engineering Jobs
60,000+ jobs from 4,500+ well-funded companies
Updated Daily
New jobs are added every day as companies post them
Refined Search
Use filters like skill, location, etc to narrow results
Become a member
🥳🥳🥳 452 happy customers and counting...
Overall, over 80% of customers chose to renew their subscriptions after the initial sign-up.
To try it out
For active job seekers
For those who are passive looking
Cancel anytime
Frequently Asked Questions
- We prioritize job seekers as our customers, unlike bigger job sites, by charging a small fee to provide them with curated access to the best companies and up-to-date jobs. This focus allows us to deliver a more personalized and effective job search experience.
- We've got over 200,000 jobs from 15,000+ vetted companies. No fake or sleazy jobs here!
- We aggregate jobs from 15,000+ companies' career pages, so you can be sure that you're getting the most up-to-date and relevant jobs.
- We're the only job board *for* software engineers, *by* software engineers… in case you needed a reminder! We add thousands of new jobs daily and offer powerful search filters just for you. 🛠️
- Every single hour! We add 2,000-3,000 new jobs daily, so you'll always have fresh opportunities. 🚀
- Typically, job searches take 3-6 months. EchoJobs helps you spend more time applying and less time hunting. 🎯
- Check daily! We're always updating with new jobs. Set up job alerts for even quicker access. 📅
What Fellow Engineers Say