Product Security Engineer - Secure SDLC Analyst

United States, San Juan · Job Posted July 09, 2025

Job Description

HPE Aruba Networking is looking for a person excited to work at the intersection of software engineering, security, and assurance and trust. HPE Aruba Networking produces a variety of types of software, from embedded firmware to Linux-based appliances to containerized cloud applications, but what these all have in common is a need to build security in from the beginning and to demonstrate to our customers that these products are trustworthy for use in their own environments. This Secure SDLC role is part cybersecurity auditor, part consultant, part implementor who can work directly with software engineering teams on how to continually improve security maturity.

Job Responsibility

  • Assist in the execution of product compliance assessments against various frameworks (e.g. NIST SSDF, NIST SP 800-218, SP 800-53, CIS Benchmarks)
  • Assist in the development and/or maintenance of GRC and SDLC tooling implementations, including scripting and automation
  • Operate as a representative of HPE Aruba in working groups, with government representatives, and with auditors
  • Provide consulting, information, and advice to product teams around implementing and improving the maturity of our SDLC
  • Document known issues and provide information to product teams in a manner which allows for easy interpretation and corrective actions to be performed
  • Monitor worldwide government standards and communicate to management and product teams when changes are made that may impact an existing control or introduce new requirements

Requirements

  • BS in Information Security, Computer Science, or related technical field
  • A background in software security, either academic or work experience, including reverse engineering, vulnerability classes such as buffer overflows and their prevention, web application security, and/or cloud security
  • Programming knowledge of at least one programming language with the ability to look at source code and figure out what it’s doing
  • Familiarity with the purpose of tools such as IDEs, compilers, source code revision control systems, ASPM, SCA and code scanners
  • Minimum 3 years of experience working directly in software engineering or in an adjacent field with exposure to the software engineering environment
  • Experience conducting risk assessments, threat modeling, and/or compliance assessments
  • Experience supporting the integration of security practices through the software development lifecycle

Nice to have

  • Industry certifications such as CISSP, CISA, CCSP, CSSLP, CGRC, or GIAC
  • Knowledge of relevant regulations and standards and how to interpret and implement these requirements within the organization's products
  • Ability to develop and implement security policies, procedures, and guidelines that align with organizational goals and compliance requirements
  • Technical experience with scripting and automation
  • Experience with participating in or leading external security standards communities or working groups
  • Familiarity with the Agile development methodology
  • Ability to manage security projects, setting priorities, and meeting deadlines as an independent performer
  • Strong communicator with ability to collaborate with various teams
  • Experience with ASPM, SCA, DAST and SAST tools
  • Experience with Project Management software (e.g. Jira, Asana, Confluence)
  • Experience with the procurement process for IT tools, particularly with product evaluations

What we offer

  • Health & Wellbeing
  • Personal & Professional Development
  • Unconditional Inclusion

Similar Jobs for Product Security Engineer - Secure SDLC Analyst

8 matching positions

Application Security Engineer / Analyst

Core Responsibilities: Perform Web Application and API Security testing aligned ...
Location: India, Chennai, Bangalore
Salary: Not provided
Company: AMBC
Expiration Date: Until further notice
Requirements
  • Work Experience 3 to 6 years
Job Responsibility
  • Perform Web Application and API Security testing aligned with OWASP Top 10 using tools such as Burp Suite, Postman, and Tenable Nessus
  • Conduct Secure Code Reviews (manual and SAST-based) to identify vulnerabilities in source code and recommend remediation steps
  • Integrate and validate security controls within CI/CD pipelines for continuous testing and compliance
  • Assess application, microservice, and infrastructure security gaps, and support teams with remediation planning
  • Define and review hardening standards, TLS configurations, and integration security controls
  • Collaborate with developers, architects, and DevOps teams to embed “Shift Left” security practices during SDLC stages
  • Document findings, prepare detailed security assessment reports, and assist in mitigation validation
  • Stay updated with emerging threats, vulnerabilities, and security best practices to strengthen product security posture

Senior Technical Program Manager

The Senior Technical Program Manager, Security & GRC will work directly with our...
Location: United States
Salary: 200000.00 - 220000.00 USD / Year
Company: Human Interest
Expiration Date: Until further notice
Requirements
  • Bachelor's degree in CS, Engineering, or a related field
  • Started career as a Security Engineer, Systems Administrator, or Analyst
  • TPM professional for 5+ years, specifically managing high-stakes security, privacy, or infrastructure initiatives
  • Deep understanding of the Security SDLC and experience navigating cloud-native service architectures (AWS/GCP) with a focus on security guardrails
  • Experience translating regulatory frameworks (e.g., SOC2, ISO 27001, FedRAMP, or GDPR) into concrete technical requirements
  • Proven ability to 'go deep' and comfortable looking at architectural diagrams, API docs, or cloud configurations to find root causes
  • Exceptional communication skills with a knack for explaining the 'why' behind a security control to a developer and the 'how' of a technical fix to an auditor
  • Strong ability to leverage data—from vulnerability scanners to Jira velocity—to tell a story and drive cross-functional decision-making
Job Responsibility
  • Technical security orchestration: Partner with Security Engineering, Risk, Product, and Infrastructure teams to bake security and compliance 'into the kiln'
  • Help design risk solutions: Dive deep into the security stack to not only identify execution blockers but actively architect the technical solutions to implement them
  • Help architect our security mission: Define the technical milestones for high-stakes initiatives like Zero Trust and IAM overhauls, translating a broad vision into a precise execution roadmap
  • Drive high-velocity operations: Lead agile security sprints that harmonize vulnerability remediation and threat detection with feature development
  • Optimize the 'rhythm of the business' by automating manual GRC workflows, eliminating manual friction and moving us toward Compliance as Code
  • Translate telemetry into narrative: Distill complex security data and telemetry into compelling risk narratives for leadership while maintaining high-fidelity technical depth for engineers
  • Optimize the defensive roadmap: Command long-term strategic planning by aligning cloud infrastructure costs and security tooling with the company’s overarching defensive goals
  • Cultivate organizational excellence: Uphold a relentless culture of focus and accountability, identifying systemic inefficiencies and driving impact through superior tooling and process engineering
What we offer
  • A great 401(k) plan: Our own! Our 401(k) includes a dollar-for-dollar employer match up to 4% of compensation (immediately vested) and $0 plan fees
  • Top-of-the-line health plans, as well as dental and vision insurance
  • Competitive time off and parental leave
  • Addition Wealth: Unlimited access to digital tools, financial professionals, and a knowledge center to help you understand your equity and support your financial wellness
  • Lyra: Enhanced Mental Health Support for Employees and dependents
  • Carrot: Fertility healthcare and family forming benefits
  • Candidly: Student loan resource to help you and your family plan, borrow, and repay student debt
  • Monthly work-from-home stipend
  • Quarterly lifestyle stipend
  • Engaging team-building experiences, ranging from virtual social events to team offsites, promoting collaboration and camaraderie
  • Fulltime

Cyber Security Analyst

We are looking for a Lead Cybersecurity Analyst who can take ownership of the or...
Location: Canada, Montréal
Salary: Not provided
Company: Farenexus
Expiration Date: Until further notice
Requirements
  • Experience in cloud and application security, with hands-on AWS production environments
  • Strong knowledge of Java (Spring/Spring Boot) and frontend security (Vue.js)
  • Solid understanding of MySQL security and data protection
  • Experience with risk assessment, vulnerability management, and incident response
  • Working knowledge of DPAs, BCP/DR, VAPT, and bug bounty programs
  • Relevant security or cloud certifications such as AWS Security Specialty, CISSP, CISM, or similar
  • Experience with containerized workloads and Kubernetes security
  • Familiarity with modern authentication and authorization approaches such as OAuth2 and OpenID Connect
  • Experience working in agile or Descopes environments
Job Responsibility
  • Define and maintain the organization’s security strategy, policies, standards, and architecture principles
  • Act as a security advisor to engineering, product, and leadership teams, ensuring alignment with business and regulatory requirements
  • Design and govern secure AWS architectures, including IAM, networking, and core AWS security services
  • Continuously assess cloud environments and drive remediation of security risks and misconfigurations
  • Lead application security reviews, threat modeling, and risk assessments for Java based backend services and Vue.js frontend applications
  • Embed security into the SDLC through secure coding practices, CI/CD security controls, and vulnerability management
  • Define and enforce data and database security controls, including encryption, access management, and auditing
  • Support compliance, audits, DPAs, BCDR planning, vulnerability assessments, and penetration testing activities
  • Lead incident response processes, security monitoring, and post-incident improvement initiatives
  • Collaborate with engineering and DevOps teams to promote a security-by-design culture and provide practical security guidance
What we offer
  • Competitive compensation, benefits, and opportunities for growth

Infrastructure Senior Technology Analyst

The Infrastructure Senior Technology Analyst is an intermediate level role respo...
Location: Singapore, Singapore
Salary: Not provided
Company: Citi
Expiration Date: Until further notice
Requirements
  • 6+ years' experience in I.T
  • 5+ years hands-on experience on middleware webhosting and application server products
  • Bachelor's degree in computer science or related field or equivalent combination of education and experience
  • Experience in IT security compliance and implementation and use of security protocols (SSL, Server certificates)
  • Good experience using Java, J2EE, XML, SQL and Shell/Perl/Python/PowerShell scripting in UNIX/Wintel environment
  • Experience in modernization of traditional web/app applications to Red Hat OpenShift containers & external Cloud
  • Reasonable experience with AI tools to automate current pain points in workflow
  • Familiarity with Compliance and risk management frameworks and methodologies (ISO27002, SDLC)
  • Initiative and ability to perform under pressure
  • Strong leadership, interpersonal and communication skills
Job Responsibility
  • Create complex project plans and perform impact analyses
  • Solve/work high impact problems/projects and provide resolutions to restore services
  • Drive Root Cause Analysis (RCA) post restoration of service
  • Design testing approaches, complex processes, reporting streams, and create automation of repetitive tasks
  • Review requirement documents, define hardware requirements and examine and update processes and procedures
  • Provide technical/strategic direction and act as advisor/coach to lower-level analysts
  • Develop projects required for design of metrics, analytical tools, benchmarking activities and best practices
  • Provide expertise in application hosting technologies with specialized emphasis on IBM technologies (WebSphere/WebLogic Application Server, WebLogic Forms and Reports, IHS)
  • Provide expertise in other web hosting technologies like Microsoft IIS, Apache, Tomcat
  • Provide expertise in Java/J2EE deployments and Operating system scripting
  • Fulltime

Technical Project Manager

We are currently seeking a Technical Project Manager to join our team in Pune, M...
Location: India, Pune
Salary: Not provided
Company: NTT DATA
Expiration Date: Until further notice
Requirements
  • 6-8 years of progressive experience in technical project management, software engineering, or related technical roles
  • Minimum 3-4 years managing complex technical projects in Hybrid environments
  • Proven track record delivering software products or platforms from conception through production deployment
  • Experience working directly with software engineering teams managing full SDLC
  • Demonstrated success navigating complex technical landscapes with multiple dependencies
  • Background working in product-led organizations with cross-functional teams
  • Financial services or regulated industry experience highly preferred
  • Solid understanding of software development lifecycle (SDLC) and methodologies (Agile, Waterfall, DevOps)
  • Working knowledge of modern software architecture patterns (microservices, APIs, event-driven, serverless)
  • Familiarity with cloud platforms (AWS, Azure, GCP) and cloud-native development
Job Responsibility
  • Define comprehensive project scope, objectives, success criteria, and deliverables aligned with business strategy and technical requirements
  • Develop detailed project plans including work breakdown structures, schedules, resource allocation, budget estimates, and dependency mapping
  • Establish project governance structure with clear decision rights, escalation paths, and approval gates
  • Create realistic timelines incorporating technical complexity, resource constraints, and risk factors
  • Define and track key project milestones, deliverables, and quality gates
  • Coordinate and monitor project progress across multiple workstreams and technical teams
  • Track project performance against baseline using earned value management and agile metrics
  • Conduct regular status reviews with project teams and stakeholders
  • Identify schedule slippage, budget variance, or scope creep early and implement corrective actions
  • Manage project changes through formal change control processes
  • Fulltime

Staff Software Development Engineer-Automation Engineer

We’re building a world of health around every individual — shaping a more connec...
Location: United States
Salary: 106605.00 USD / Year
Company: CVS Health
Expiration Date: June 29, 2026
Requirements
  • Extensive experience in software development and production support for enterprise systems
  • Strong expertise in automation/RPA platforms, scripting, and debugging complex workflows
  • Proven ability to lead incident response and root cause analysis in high-availability environments
  • Deep understanding of SDLC, CI/CD, release management, and production readiness standards
  • Bachelor's degree in Computer Science, Engineering, or equivalent practical experience
Job Responsibility
  • Serve as the technical owner for production support of automation and RPA solutions across critical business processes
  • Lead incident triage, root cause analysis, and permanent remediation for high-severity automation failures
  • Establish and enforce runbooks, support models, escalation paths, and on-call readiness for automation platforms
  • Proactively identify systemic issues and implement stability, resiliency, and performance improvements
  • Provide hands-on technical leadership for automation design, debugging, and optimization in production environments
  • Review automation code and configurations to ensure adherence to standards, security, and reliability best practices
  • Partner with development teams to ensure production readiness of new automations before release
  • Guide architectural decisions that reduce operational complexity and technical debt
  • Design and maintain monitoring, alerting, and health dashboards for automation platforms
  • Drive adoption of AIOps, SRE, and automation-first support practices where applicable
What we offer
  • Medical, dental, and vision coverage
  • Paid time off
  • Retirement savings options
  • Wellness programs
  • Fulltime

Java Fullstack Developer

Citi is seeking a highly skilled and motivated C11-level Full-Stack Software Eng...
Location: India, Chennai; Pune
Salary: Not provided
Company: Citi
Expiration Date: Until further notice
Requirements
  • 4-7 years of total experience with at least 2 years in a full-stack role
  • Proven experience leading technical projects and mentoring team members
  • Extensive experience with front-end development using modern JavaScript frameworks (React.js or Angular is mandatory)
  • Strong experience with back-end development using languages like Java (Spring Boot), Python (Django/Flask), or Node.js (Express)
  • Solid understanding of relational databases (e.g., Oracle, PostgreSQL, SQL Server) and/or NoSQL databases (e.g., MongoDB, Cassandra)
  • Expertise in JavaScript/TypeScript, HTML5, CSS3
  • Proficiency in React.js (with Redux/Context API) or Angular (2+)
  • Strong command of at least one back-end language/framework (Java/Spring Boot preferred)
  • Deep understanding of RESTful APIs, microservices architecture, and API design principles
  • Experience with version control systems (Git) and Agile development methodologies
Job Responsibility
  • Lead the design, development, and implementation of full-stack applications, from concept to deployment
  • Develop responsive and high-performance user interfaces using React.js or Angular, ensuring a seamless user experience
  • Build and maintain robust, scalable, and secure back-end services and APIs (e.g., Java, Python, Node.js) that integrate with various internal and external systems
  • Write clean, well-documented, and testable code, adhering to best practices and coding standards
  • Participate in all phases of the software development lifecycle (SDLC), including requirements gathering, design, development, testing, deployment, and support
  • Contribute to technical architecture decisions, ensuring solutions are aligned with enterprise standards and strategic goals
  • Design and implement secure and efficient database schemas (SQL/NoSQL) and data access layers
  • Evaluate and recommend new technologies, frameworks, and tools to improve development processes and application performance
  • Ensure adherence to architectural principles, design patterns, and security guidelines
  • Collaborate closely with product owners, business analysts, UX/UI designers, and other engineering teams to define requirements and deliver solutions
  • Fulltime

Technical Business Analyst

The Technical Business Analyst (TBA) serves as the vital bridge between business...
Location: India, Chennai
Salary: Not provided
Company: Toppan Merrill
Expiration Date: Until further notice
Requirements
  • 3-5 years of experience as a Technical Business Analyst in IT development or data-driven environments
  • Strong understanding of ETL concepts and system integration
  • Hands-on experience with SQL, REST/SOAP APIs, JSON/XML, and data analysis
  • Familiarity with Agile/Scrum methodologies and tools such as Jira, Confluence, or Azure DevOps
  • Knowledge of UML, BPM tools, data warehousing and data governance/data quality frameworks
  • Excellent analytical, problem-solving, and critical-thinking abilities
  • Strong communication skills for both technical and non-technical audiences
  • High attention to detail with the ability to manage multiple priorities
  • Strong ownership mindset and accountability for deliverables
  • Flexibility to work during US business hours, including late evenings
Job Responsibility
  • Collaborate with business stakeholders to gather, analyze, and document requirements, user stories, and acceptance criteria
  • Translate complex business needs into detailed functional and technical specifications
  • Work with solution architects and developers to design scalable and secure systems
  • Develop process models, data flow diagrams, interface specifications, and integration mappings
  • Identify opportunities to optimize and automate data and ETL processes
  • Perform detailed analysis of data flows, ETL pipelines, and system integrations
  • Support data migration, API design, and integration initiatives
  • Configure and maintain ETL tools/platforms to support business requirements and data integration needs
  • Monitor and troubleshoot ETL jobs, ensuring data accuracy and integrity
  • Develop and maintain documentation for ETL workflows, mappings, and transformations
  • Fulltime