The Job logo

What

Where

Sign in

Lead Product Security Engineer

ApplyJoin for More Updates

You must Sign In before continuing to the company website to apply.

Smart SummaryPowered by Roshi
Join our team as a Lead Product Security Engineer to build and execute engineering processes, secure product features, present plans to leaders, and drive improvements in Product Security metrics. Utilize your experience in cyber security framework implementation and governance. Bachelor's degree, 10 years of professional experience, project management skills, and expertise with Agile development teams required.

JOB DESCRIPTION

Partner with the best.

We are looking for a Lead Product Security Engineer, with a focus in Product Security. In this role, you will work in a team and demonstrate working knowledge of systems and products and how they are secured in customers' businesses.
 

Responsibilities, authorities, and accountabilities

In this role, you will be:

  • Building and executing engineering processes for early detection of design flaws, vulnerabilities, weaknesses, missing security controls, and secure implementation of product features.
  • Applying existing technologies, approaches, methodologies in new combinations to design new products, systems, or processes. Viewed internally and externally as a specialist in the discipline.
  • Presenting plans, technical roadmaps, risks and recommendations to senior business business and technical leaders.
  • Driving awareness, engagement, and improvements of Product Security metrics with business leaders
  • Demonstrating working knowledge of systems and products and how they are secured in a customer environment.
  • Implementing tools to automate and scale security processes.
  • Providing security leadership to the product engineering teams.
  • Experiencing with cyber security framework (NIST 800-53, ISO 27001, IEC 62443, etc.) implementation and governance

Our passion.

To be successful in this role you will:

  • Have a Bachelor's degree in computer science or “STEM” Majors (Science, Technology, Engineering, and Math).
  • Have a minimum of 10 years of professional experience in a STEM-related degree preferably with a Cyber focus.
  • Have project management experience, and expertise with Agile development teams.
  • Have prior work experience with various development tools including threat modelling, vulnerability technologies, application security, and secure coding principles.
  • Have experience with penetration testing and ethical hacking.
  • Have knowledge of Identity management and identity federation (SAML, OAuth, SCIM, XACML)
  • Be experienced in developing web services (SOAP/REST)
  • Have experience securing applications within cloud platforms such as AWS, Azure, and alike.
  • Have experience with a broad set of information security technologies and processes within a SaaS, IaaS, PaaS, or cloud environment.
  • Have a minimum of 6 years in the field of security with + years in security architecture design and review.
Set alert for similar jobsLead Product Security Engineer role in Bengaluru, India
Baker Hughes Logo

Company

Baker Hughes

Job Posted

a year ago

Job Type

Full-time

WorkMode

On-site

Experience Level

8-12 Years

Category

Software Engineering

Locations

Bengaluru, Karnataka, India

Qualification

Bachelor or Master

Applicants

Be an early applicant

Related Jobs

Baker Hughes Logo

Senior Product Security Engineer

Baker Hughes

Bengaluru, Karnataka, India

Posted: 10 months ago

We are looking for a Senior Product Security Analyst, with a focus on Identity and Access Management solutions. In this role you will work in a team to integrate applications with Predix Identity and Access Management solutions. Candidate will lead several resources on the security team responsible for mission critical application support, including incident management and response.   Responsibilities, authorities and accountabilities In this role, you will: You are a skilled Analyst who enjoys security work and is an expert in systems security, applications security, identity management. In this role, you will be integrating with our stakeholders and formulating IAM solutions. In this role, you will: Developing approaches to address the implementation of Identity and Access Management (IdAM) solutions as part of enterprise security services including mobile devices Implementing Privilege Identity Management solutions Working with Attribute-Based Access Control (ABAC) solution Consulting developers on security requirements and utilize common components to meet them Maintaining documentation of design patterns/recipes for common security requirements Ensuring that issues identified are appropriately prioritized and addressed in future product releases Having a complete understanding of the various system interdependency and limitations Architecting, designing, implementing, supporting, and evaluating security focused tools Evaluating and recommending new and emerging security products and technologies     Required Qualifications Have a Bachelor's Degree in Computer Science or “STEM” Majors (Science, Technology, Engineering and Math). A minimum 8 years of professional experience in STEM related degree, Political Science/Government/International Affairs.   Desired Characteristics Technical Expertise: Be able to understand technical and business discussions relative to future architecture direction aligning with business goals. Be able to understand concepts of setting and driving architecture direction. Be familiar with elements of gathering architecture requirements. Be able to understand architecture standards concepts to apply to project work. Have a general understanding of supporting technologies including SOAP, OAuth, SAML, OpenID Connect, HTTP, XML, LDAP, SQL, and XACML. Have experience with IAM solutions like Cyber-Ark, Ping Identity, Siteminder, Attribute Exchange Network Be able to contribute to and lead discussions and communications within the team and outside, including customers and other business units Be able to foster a collaborative and cooperative team environment, encouraging input and participation from all members Have demonstrated experience in IT Security, system administration, LDAP, and scripting Have experience in large service provider environments Have scripting skills (e.g., Perl, shell scripting) Have excellent written and verbal communication skills, especially experience with executive-level communications Have experience with Agile Management.

Baker Hughes Logo

Senior Lead Cloud Security Engineer

Baker Hughes

Bengaluru, Karnataka, India

Posted: 10 months ago

Designs, programs, documents, tests, and fixes bugs involved in creating and maintaining applications and frameworks involved in a software release lifecycle resulting in a digital product. Deep technical expertise within a field. Has comprehensive knowledge of underlying principles, approaches and methodology.   Responsibilities, authorities and accountabilities Developing, implementing, and managing Azure Policies to enforce governance and compliance standards across the organization's Azure environments Providing technical guidance and support to application teams to ensure policy compliance during application deployments Monitoring and auditing Azure Policy compliance, investigating policy violations, and providing remediation guidance to ensure continuous adherence to security standards Leading small development team and managing end to end execution of software development in the Azure space Gathering user requirements and understanding use cases, design documents, and driving implementation in accordance with project and platform goals   Required Qualifications Have a Bachelor's degree from an accredited university or college with overall 10 years of experience. Have 4-6 years of experience in Cyber Security Engineering. Be an expert with Microsoft Azure, including proficiency in Azure Policy, Azure Resource Manager, and Azure Governance Be an expert with scripting and automation languages (e.g., Python, PowerShell, Azure CLI, JSON) to author and manage Azure Policies  Have strong skills in identifying the pain areas of cloud security and automating cloud security workloads to improve Azure Governance Have a thorough understanding of CICD and DevSecOps to implement and manage Azure Policies and automations Have a thorough understanding of Power Platform, ARM templates and bicep. Have Experience with GRC frameworks (i.e., ISO27001, NIST etc.)   Desired Characteristics Strong oral and written communication skills. Strong interpersonal and leadership skills. Demonstated ability to analyze and resolve problems. Demonstrated ability to lead programs / projects. Ability to document, plan, market, and execute programs. Established project management skills.

Baker Hughes Logo

Lead DevOps engineer

Baker Hughes

Bengaluru, Karnataka, India

Posted: 10 months ago

We are looking for an experienced and self-driven DevOps lead to drive our software release process. As a DevOps lead, you will design and architect new products and solutions and redesign current solutions to help meet demands of ever-changing business and technology landscape. You will be responsible for making design choices, provide make or buy input, coordinate and oversee technical standards, including software coding standards, tools, and platforms.   As a Lead DevOps Engineer, you will be responsible for: Developing and owning the CI/CD strategy for the program Being responsible for build and release activities. This includes delivery of internal, external and patch builds. Helping in Sanity/Smoke testing the builds before delivering it to customer. Identifying and eliminating manual, repetitive tasks through automation. Supporting and improving our tools for automated testing and release management Looking for automation opportunities and building scripts to automate tasks Collaborating with Product Teams to implement end to end Build and Release process Fuel your passion   To be successful in this role you will: Have a Bachelor's Degree in Computer Science or “STEM” Majors (Science, Technology, Engineering and Math) Have minimum 8 years of professional experience. Have Proven experience as DevOps/Release and Build engineer Have experience in Github, Jenkins, TFS and Ant, etc Have working knowledge of SonarQube and other code quality tools Have experience managing release process on cloud platform like AWS Have experience in AWS Cloud Services (EC2. S3, IAM, ALB, Route53, Code Deploy, EFS, Cloud Watch, EBS, Auto Scaling), Shell Scripting ( Bash) , CI/CD Pipeline, Build automation tools (Maven, Ant, .Net Core) , Docker & Containerization , Cloud Formation Templates.

Baker Hughes Logo

Staff Cybersecurity IAM Engineer

Baker Hughes

Bengaluru, Karnataka, India

Posted: a year ago

Staff Cybersecurity IAM Engineer   Do you enjoy creating innovative solutions?   Would you like to take ownership of Identity and Access Management Strategy?   Join our cutting-edge Security team   We operate at the heart of the digital transformation of our business. Our team is responsible for the cyber-security architecture and data protection for our global organization. We focus on ensuring the security and improvement of our Identity and Access Management tools and policies across the business.   Partner with the best   As part of the Baker Hughes Cybersecurity Identity & Access Management team, this individual will contribute to the definition and implementation of the next generation of Identity & Access Management tools and policies across Baker Hughes. This individual will integrate with new and existing initiatives across Baker Hughes to drive the Cybersecurity requirements and policies from design through implementation.   As a Staff Cybersecurity IAM Engineer, you will be responsible for: Designing, implementing, enhancing, and support on-prem and on cloud implementation of Radiant Logic VDS. Acting as a technical expert on initiatives involving directory services with an emphasis on virtual directory services. Supporting leadership strategy by engineering and providing architectural input in IAM domains, including user lifecycle management, provisioning/de-provisioning, and access certification. Leading and influence technical direction for large-scale, highly complex technical initiatives and/or projects requiring integration of cross-functional systems. Coordinating and support major and minor incident response. Researching, implement, and scale innovative solutions. Working with management to define and operationalize Cybersecurity strategy & policies for Identity & Access Management. Identifying and drive the mitigation of existing risks in the Identity & Access management space Developing automation to manage corporate and customer-facing identity applications. Collaborating with Cybersecurity Architects and Engineers to implement new solutions. Responsibilities include rotational, 24/7 on call support.   Fuel your passion To be successful in this role you will: Bachelor's Degree in Computer Science or “STEM” Majors (Science, Technology, Engineering and Math). A minimum 9 years of relevant professional experience. 3+ years of experience on implementing and supporting Radiant Logic Virtual Directory Services (VDS) platform. 9+ years of LDAP (Lightweight Directory Access Protocol), Active Directory, other IAM Application, PKI, and DNS experience Experience in IAM integration of AD, webservices, and LDAP based application connectors. Advanced understanding of permission delegation and least-privileged principle. Advanced knowledge of user account provisioning and lifecycle best practices. Troubleshooting IAM products and integrated application issues such as applications connectivity, Password Sync and so on. Use Radiant Logic solution to virtualize, correlate and aggregate user identities from different identity silos into a single source of identities. In-depth understanding of Windows Servers, its Cluster, monitoring and maintaining them. Experience in working and supporting large organization with 70,000 LDAP users. Well-informed with VDS infrastructure governance best practices, user incident/Request, KPI, and KRI Knowledge of Microsoft SQL server and other RDBMS platforms and PowerShell scripting. Experience with cybersecurity frameworks (i.e., NIST, CSA CCM) Knowledge of identity data flows, security roles, certification/attestation, entitlement management, and access governance Experience with directory services, active directory, azure ad, relational database schema, LDAP schema

Baker Hughes Logo

Senior Cyber Security Engineer

Baker Hughes

Bengaluru, Karnataka, India

Posted: 10 months ago

Responsibilities, authorities and accountabilities In this role, you will: Write, test, and maintain automation scripts/workflows within SOAR platform. Author and maintain documentation for all scripts, integrations, and workflows. Design, implement, standardize, and maintain efficient and reusable Python code or other programming language. Review, test, debug, and resolve technical issues throughout all stages of Software Development Life Cycle Translate conceptual CFC requirements into technical data and integration requirements for the SOAR platform. Deliver API solutions that streamline, simplify, and improve efficiencies for the CFC teams as well as other enterprise Business Units. Design, test, and implement new playbooks for the cyber security operation center. Partner with CFC leadership to gather SOAR requirements, priorities, and enhancements. Partner with CFC teams to review the development of integrations, workflows, & scripts to ensure anticipated output is achieved. Provide assistance with other cyber security tools (SIEM, EDR, Vuln. Management, etc.) as needed.   Required Qualifications Bachelor's Degree in Computer Science or “STEM” Majors (Science, Technology, Engineering and Math). A minimum 5 years of professional experience. A technical engineer, with an extensive security operations background, who drives the SOAR development lifecycle, in support of the security operations teams. Strong understanding of SOAR playbook development and logic.  Strong understanding of cyber security operation workflows. Have a minimum 2 - 4 years of experience maintaining a SOAR environment. Have ability to plan, organize and prioritize tasks to complete independently and meet tight timelines. Have Knowledgeable about useful metrics, and how to work with them to track against goals/KPIs. Technical Expertise: Have strong development background, with a focus on secure development. Have working knowledge of SOAR automation. Have great communication, team spirit, and leadership abilities. Have experience with scripting such as Python, BASH, and PowerShell.  Have good understanding of a variety of security tools and technologies (IDS/IPS, EDR, XDR, SIEM, Vuln Mgmt., etc.) 

Baker Hughes Logo

Senior Cyber Security Engineer

Baker Hughes

Bengaluru, Karnataka, India

Posted: 10 months ago

Responsibilities, authorities and accountabilities The Cyber Security Engineer will also assist with other cyber security application management like SOAR, DLP, OT Security and Endpoint Security tools. In this role, you will be: Maintaining the current custom managed Splunk infrastructure (on-prem and cloud) Supporting log on boarding and alert monitoring setup in Splunk Cloud Monitoring the health of the customer managed asset and vendor managed Splunk infrastructure configuration. Working with key stakeholders of the services to ensure the expectations are meeting the requirements. Maintaining the documented baseline configuration and executing the standard operating procedures to maintain the configuration. Researching and looking for opportunities to adopt the best practices and industry standards to enhance the SIEM and SOAR platforms. Providing assistance with other cyber security tools (SOAR, EDR, Vulnerability Management, Secure Remote Access, Passive Network Monitoring, DLP, OT Security, etc.)   Required Qualifications Have a Bachelor's Degree in Computer Science or “STEM” Majors (Science, Technology, Engineering and Math). A minimum 5 years of professional experience. Have 2+ years of experience with Splunk Development Have 2+ years of experience with tool integrations, including APIs, REST APIS, and Syslog Have good understanding of Splunk infrastructure, components, and configurations.  Have good understanding of cyber security operation workflows. Knowledge of OT Security concepts and architectures   Technical Expertise: Have good development background, with a focus on secure development. Working knowledge of Splunk. Have in-depth knowledge of operating systems security configurations Have in-depth knowledge of network appliances Have experience with Windows Server and Linux OS. Have knowledge of other security platforms such as: SOAR, EDR, Vulnerability Management, Secure Remote Access, Passive Network Monitoring. Have experience with scripting such as Python, BASH, and PowerShell.