Senior Lead Application Security Engineer

Senior Lead Application Security Engineer

Would you like to innovate with the latest energy technology?

Do you enjoy being part of a successful team?

Join our Digital Technology team

We operate at the heart of the digital transformation of our business. From Digital Engineering to enabling employee success, the Digital Technology team is driven to provide the best products and service.

Partner with the best

The Senior Lead Application Security Engineer is a dynamic role requiring knowledge of security, secure development, and application security tooling. The engineer will lead key application security programs, partner with business segment to ensure adherence of secure development standards, and guide teams on application vulnerability remediation.

As a Senior Lead Application Security Engineer, you will be responsible for:

In addition, the engineer will be responsible for application security tooling, identify gaps in existing processes and tools, and enhance support for development toolsets.

In this role, you will:

• Collaborate with business segment cyber security teams on application security technology adoption
• Driving best practices and sound design principles through the Secure Software Development Lifecycle
• Educating teams across Baker Hughes Power on secure development best practices, tools, and methodologies.
• Participating in code reviews across teams to ensure secure coding practices.
• Managing key application security programs – including Container Security implementation
• Leading projects to drive the assessment, operationalization and adoption of new technologies, platforms, tools, and frameworks

Fuel your passion

To be successful in this role you will :

• Have a Bachelor's Degree in Computer Science or “STEM” Majors (Science, Technology, Engineering and Math). Have a minimum 10 years of professional experience.
• Have working knowledge of application security services such SAST, SCA, DAST, and Container Security
• Have working knowledge of OWASP Web/API vulnerabilities and compensating controls (CSRF, XSS, SQLI, etc.)
• Have experience with Java / NodeJS / Go / PHP / Python / Ruby
• Have Software development cycle and automated application security testing experience
• Have working knowledge of source control tools such as GitHub Actions and Jenkins
• Have experience with Application Security solutions such as Synopsis BlackDuck /  Checkmarx / Prisma Container Security

Technical Expertise:

• Have good development background, with a focus on secure development
• Have Knowledge of API Security Architecture
• Have a working knowledge of Cloud Provider security architecture design patterns

Work in a way that works for you

We recognize that everyone is different and that the way in which people want to work and deliver at their best is different for everyone too. In this role, we can offer the following flexible working patterns:

• Working flexible hours - flexing the times when you work in the day to help you fit everything in and work when you are the most productive

Working with us

Our people are at the heart of what we do at Baker Hughes. We know we are better when all of our people are developed, engaged and able to bring their whole authentic selves to work. We invest in the health and well-being of our workforce, train and reward talent and develop leaders at all levels to bring out the best in each other.

Working for you

Our inventions have revolutionized energy for over a century. But to keep going forward tomorrow, we know we have to push the boundaries today. We prioritize rewarding those who embrace change with a package that reflects how much we value their input. Join us, and you can expect:

• Contemporary work-life balance policies and wellbeing activities
• Comprehensive private medical care options
• Safety net of life insurance and disability programs
• Tailored financial programs
• Additional elected or voluntary benefits

#digitalpilot