This job ad has been posted over 30 days ago...



Specialist - Product Security Full-time

at Philips Innovation Campus in Banglore (Published at 01-10-2018)

Key Areas of Responsibility:

Engage with architects to during the early design phase to conduct the Secured by design and Privacy by design assessments

Participate in the release planning event to ensure the security and privacy milestones and deliverables

Conduct the security awareness trainings

Be part of SOS (Scrum of scrum) meetings with the project teams when required

Analyze low level design (LLD) and high level design (HLD) documents – ensuring these designs adequately incorporate Security controls.

Support development of mitigation actions and design recommendations

Coordinate with developers, product owners, and architects on remediation activities and alternate solutions

Develop Risk and Benefits Cost analysis for security risks when required

Work closely with Privacy and Safety officers to ensure comprehensive risk management.

Responsible to ensure the Risk Management Matrix is created and signed of before the every release

Conduct risk assessments (PSRA/SSRA) in accordance with QMS defined stage gates

Ensure that verification related efforts / tools are used (SCoE testing, blackduck, fortify).

Supports Audit and Compliance activities

Responsible for Key Performance Indicators reporting and development for BIU

Work with Product Manager, Field Marketing, Services and Sales to collaborate on incident response and customer complaints.

Work with Q&R on process and procedures in QMS that are related to Product Security

Support Product security and services office to drive initiatives throughout the BU

Assist/guide responsible disclosures in cooperation with PSSO event coordinator.

Experience & Qualifications:

Technical bachelors and/or master’s degree

5-10 years of IT experience in the application security field

Experience with software development and programming languages and frameworks such as Java, spring, SOAP & REST API

Ideal candidate would have worked on the software development initially and then graduated in to either -S/W architecting/security assessments ensuring security in the product design

Strong knowledge of secure software development lifecycle and practices such as threat modelling and security reviews based on scenarios analysis

Sound understanding of Cryptography, various Encryption Algorithms, Public key Infrastructure (PKI) and Certificate Authority (CA).

Prefer security review experience with any of the platform as a service products such as Cloud Foundry, Heroku, Elastic Beanstalk, IBM Blue mix, Pivotal, or similar

Working experience in assessing the IT infrastructure Security.

Good to have any of the below certifications.

CISSP: Certified Information Systems Security Professional *

CSSLP: Certified Secure Software lifecycle professional) *

SABSA: Sherwood Applied Business Security Architecture) *

Health information security management (ISO 27799, ISO/IEC 80001, DIACAP)

Information Security Management Systems (ISO/IEC 270001)

Laws and regulations on privacy, data protection, and breach notification

(95/46/EC, HIPAA, PIPEDA, ISO/TS 14265, 21CFR820, SB1386, etc.)

Good team player

Strong influential and communication skills to work with engineering and architecting stakeholders

Ability to engage and coach developers

Strong business orientation

Ability to work with multiple business units with diverse culture and diverse environment

Quick learner who is willing to adapt quickly

Aware of all the latest happenings in the assigned domain

Recent jobs at Philips Innovation Campus

Viewed: 806 times
« Go back to category
Is this job ad fake? Report it!   
Recommend to a friend