Specialist II - Product Security

Job Title

Job Description

This is individual contributor role. As part of the larger Security and Privacy team, the Application Security Engineer would -

·        Perform comprehensive Dynamic Application security Testing (DAST)

·        Understand and analyze the applications from security point of view.

·        Understand the application security risks and Threat modeling of applications

·        Create and execute the corresponding security test cases to verify that the mitigations are properly implemented in the application.

·        Able to guide and support development teams to fix the security vulnerabilities in the code.

Preferred Experience:

·        4 -9 years of work experience in Application Security Testing

·        Understanding and familiarity with common code review methods and standards 

·        Experience with static analysis tools (e.g., IBM Appscan Source, HP Fortify) 

·        Application development experience

·        Experience in a wide variety of languages, which includes C/C++, Java, .Net, Perl, Python and etc.

·        Research and pilot new services / technologies to support secure software development

·        Knowledge of standard SDLC practices 

·        Experience in application security penetration testing

·        Experience in tools like HP Webinspect/IBM Appscan/Acunetix and open source tools like burp, OWASP ZAP, CSRF tester etc, Burp Suite

·        Experience with Open Web Application Security Project (OWASP) standards, Open Source Security Testing Methodology Manual (OSSTMM) methodologies

·        Knowledge in cloud & Big data application security testing

·        Sufficient understanding or exposure to testing application on below technology will be helpful

o   REST API

o   Cloud Foundry

o   Encryption

o   Data storage for SQL, Oracle etc.

o   Big Data / Analytics  / Cloud

Educational Qualifications:

·        Bachelor degree with concentration in Computer Science, Information Systems, Information Security or similar would be preferred.

Preferred Security certifications

Ideally, candidate will possess any one of the below Security certifications(but not mandatory)

·        CEH

·        ECSA

·        LPT

·        OSCP

#LI-PHILIN

Why should you join Philips?

Working at Philips is more than a job. It’s a calling to create a healthier society through meaningful work, focused on improving 2.5 billion lives a year by delivering innovative solutions across the health continuum. Our people experience a variety of unexpected moments when their lives and careers come together in meaningful ways. Learn more by watching this video.

To find out more about what it’s like working for Philips at a personal level, visit the Working at Philips page on our career website, where you can read stories from our employee blog. Once there,you can also learn about our recruitment process, or find answers to some of the frequently asked questions.