Software Product Security Engineer

Get AI-powered advice on this job and more exclusive features.

Recent Healthcare Experience is Mandatory.

Only USC, GC, H4 EAD, L2 VISAs. NO H1Bs.

Software Product Security Engineer

This role involves collaborating with Software Engineering and Infosec teams to ensure the security of software products throughout their lifecycle. Responsibilities include identifying, triaging, and mitigating vulnerabilities, promoting security best practices, and supporting secure software development processes.

Key Responsibilities:

·Define and refine security requirements in collaboration with development, regulatory, and information security teams.

·Enhance software development security processes and evangelize security best practices.

·Conduct security reviews of products and features, including risk assessments and threat modeling.

·Implement security in CI/CD pipelines and build automation.

·Automate security testing and compliance checks.

·Implement and manage security controls for software products (e.g., access control, encryption).

·Develop, deploy, and support security tooling (e.g., vulnerability scanning, SIEM systems).

·Utilize existing security tools and frameworks where possible.

Qualifications:

·MS degree in computer science, cybersecurity, or equivalent experience.

·10+ years of software development or security engineering experience, ideally with complex data or process management applications.

·5+ years of experience in Java and another high-level language (Python, C++, Go).

·5+ years of experience in cloud and infrastructure security.

·Commitment to security and privacy best practices.

·Background in Secure Software Development Lifecycle (SSDLC).

Knowledge, Skills, and Abilities:

·Experience in the healthcare industry and handling sensitive data.

·Familiarity with regulatory compliance (FDA PMA, IVDR, GDPR, HIPAA).

·Proficiency in vulnerability scanning and tools.

·Expertise in cloud security best practices.

·Experience with CI/CD security integration.

·Knowledge of REST API and web service security.

·Understanding of relational database and SQL security practices.

Nice to Have:

·Security certifications (CISSP, CEH/OSCP).

·Cloud pipeline orchestration (WDL, NextFlow)

Mandatory Experience:

• HIPAA/WDL or Next Flow experience
• DevSecOps (CI/CD)
• Vulnerability Assesment & Mitigation

• Seniority level
  Mid-Senior level

• Employment type
  Contract

• Job function
  Information Technology

Get notified about new Product Security Engineer jobs in United States.

Austin, TX $134,100.00-$225,000.00 3 months ago

Mountain View, CA $55.00-$60.00 1 week ago

United States $170,000.00-$200,000.00 1 month ago

United States $124,800.00-$234,000.00 2 days ago

Chicago, IL $113,600.00-$150,520.00 9 hours ago

United States $110,635.01-$184,391.69 3 weeks ago

San Francisco, CA $161,000.00-$220,000.00 2 weeks ago

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.