Advanced Sterilization Products
Location
Bangalore | India
Job description
Your Impact:
ASP is currently seeking a security analyst to provide operational technical direction and to provide tactical support of the CISO and ASP Product Security functions. This person will report directly to the Chief Information Security Officer and will be instrumental in helping to implement and mature the capabilities of the organization. The role will be primarily focused on product and application security. The ideal candidate will have a development background with experience in secure coding, threat modelling and technical risk analysis.
Responsibilities:
•Working with internal stakeholders across numerous technical functions.
•Operate as a SME for product teams regarding secure development practices and technical matters.
•Coordinate shared product security assessment roadmap on an annual basis.
•Facilitate and manage third party product assurance engagements.
•Track and coordinate product security metric state with Corporate.
•Participate in documentation and articulation of product risk.
•Participation in the preparation of regulatory submission paperwork.
Our Needs:
•3+ years of development experience.
•2+ years of experience Application/Product Security.
•Strong decision-making capabilities, with a demonstrable ability to weigh the relative costs and benefits of potential actions and identify the most appropriate actions.
•Thorough, detail-oriented and quality-driven with superb communication and interpersonal skills.
•Relevant industry training and/or certification preferred.
•Able to deliver quality results in a high-energy/high-pressure environment.
•Ability to multi-task and handle demands of many projects, issues, and tasks.
•Ability to perform duties with minimal supervision.
Tools and Capabilities:
•Thorough understanding of modern SDLC practices including Agile, CI/CD methodologies.
•Medical Device experience a plus.
•Familiar with vulnerability assessment tools such as Rapid7.
•Expertise with at least one code analysis platform such as Veracode.
•Strong familiarity with common secure coding practices/standards/forums such as OWASP
•Experience with STRIDE based Threat Modelling.
•Familiarity with common risk assessment tools such as CVSS.
Job tags
Salary
