Product Security Engineer - Secure SDLC Analyst

Hewlett Packard Enterprise

Location:
United States, San Juan

Contract Type:
Not provided

Salary:
Not provided

Job Description:

HPE Aruba Networking is looking for a person excited to work at the intersection of software engineering, security, and assurance and trust. HPE Aruba Networking produces a variety of types of software, from embedded firmware to Linux-based appliances to containerized cloud applications, but what these all have in common is a need to build security in from the beginning and to demonstrate to our customers that these products are trustworthy for use in their own environments. This Secure SDLC role is part cybersecurity auditor, part consultant, part implementor who can work directly with software engineering teams on how to continually improve security maturity.

Job Responsibility:

  • Assist in the execution of product compliance assessments against various frameworks (e.g. NIST SSDF, NIST SP 800-218, SP 800-53, CIS Benchmarks)
  • Assist in the development and/or maintenance of GRC and SDLC tooling implementations, including scripting and automation
  • Operate as a representative of HPE Aruba in working groups, with government representatives, and with auditors
  • Provide consulting, information, and advice to product teams around implementing and improving the maturity of our SDLC
  • Document known issues and provide information to product teams in a manner which allows for easy interpretation and corrective actions to be performed
  • Monitor worldwide government standards and communicate to management and product teams when changes are made that may impact an existing control or introduce new requirements

Requirements:

  • BS in Information Security, Computer Science, or related technical field
  • A background in software security, either academic or work experience, including reverse engineering, vulnerability classes such as buffer overflows and their prevention, web application security, and/or cloud security
  • Programming knowledge of at least one programming language with the ability to look at source code and figure out what it’s doing
  • Familiarity with the purpose of tools such as IDEs, compilers, source code revision control systems, ASPM, SCA and code scanners
  • Minimum 3 years of experience working directly in software engineering or in an adjacent field with exposure to the software engineering environment
  • Experience conducting risk assessments, threat modeling, and/or compliance assessments
  • Experience supporting the integration of security practices through the software development lifecycle

Nice to have:

  • Industry certifications such as CISSP, CISA, CCSP, CSSLP, CGRC, or GIAC
  • Knowledge of relevant regulations and standards and how to interpret and implement these requirements within the organization's products
  • Ability to develop and implement security policies, procedures, and guidelines that align with organizational goals and compliance requirements
  • Technical experience with scripting and automation
  • Experience with participating in or leading external security standards communities or working groups
  • Familiarity with the Agile development methodology
  • Ability to manage security projects, setting priorities, and meeting deadlines as an independent performer
  • Strong communicator with ability to collaborate with various teams
  • Experience with ASPM, SCA, DAST and SAST tools
  • Experience with Project Management software (e.g. Jira, Asana, Confluence)
  • Experience with the procurement process for IT tools, particularly with product evaluations
What we offer:
  • Health & Wellbeing
  • Personal & Professional Development
  • Unconditional Inclusion

Additional Information:

Job Posted:
July 09, 2025

Employment Type:
Fulltime
Work Type:
Hybrid work

Similar Jobs for Product Security Engineer - Secure SDLC Analyst

Application Security Engineer / Analyst

Core Responsibilities: Perform Web Application and API Security testing aligned ...
Location:
India, Chennai, Bangalore
Salary:
Not provided
AMBC
Expiration Date:
Until further notice
Requirements:
  • Perform Web Application and API Security testing aligned with OWASP Top 10 using tools such as Burp Suite, Postman, and Tenable Nessus
  • Conduct Secure Code Reviews (manual and SAST-based) to identify vulnerabilities in source code and recommend remediation steps
  • Integrate and validate security controls within CI/CD pipelines for continuous testing and compliance
  • Assess application, microservice, and infrastructure security gaps, and support teams with remediation planning
  • Define and review hardening standards, TLS configurations, and integration security controls
  • Collaborate with developers, architects, and DevOps teams to embed “Shift Left” security practices during SDLC stages
  • Document findings, prepare detailed security assessment reports, and assist in mitigation validation
  • Stay updated with emerging threats, vulnerabilities, and security best practices to strengthen product security posture
  • Work experience: 3 to 6 years

Senior Technical Program Manager

The Senior Technical Program Manager, Security & GRC will work directly with our...
Location:
United States
Salary:
200000.00 - 220000.00 USD / Year
Human Interest
Expiration Date:
Until further notice
Requirements:
  • Bachelor's degree in CS, Engineering, or a related field
  • Started career as a Security Engineer, Systems Administrator, or Analyst
  • TPM professional for 5+ years, specifically managing high-stakes security, privacy, or infrastructure initiatives
  • Deep understanding of the Security SDLC and experience navigating cloud-native service architectures (AWS/GCP) with a focus on security guardrails
  • Experience translating regulatory frameworks (e.g., SOC2, ISO 27001, FedRAMP, or GDPR) into concrete technical requirements
  • Proven ability to 'go deep' and comfortable looking at architectural diagrams, API docs, or cloud configurations to find root causes
  • Exceptional communication skills with a knack for explaining the 'why' behind a security control to a developer and the 'how' of a technical fix to an auditor
  • Strong ability to leverage data—from vulnerability scanners to Jira velocity—to tell a story and drive cross-functional decision-making
Job Responsibility:
  • Technical security orchestration: Partner with Security Engineering, Risk, Product, and Infrastructure teams to bake security and compliance 'into the kiln'
  • Help design risk solutions: Dive deep into the security stack to not only identify execution blockers but actively architect the technical solutions to implement them
  • Help architect our security mission: Define the technical milestones for high-stakes initiatives like Zero Trust and IAM overhauls, translating a broad vision into a precise execution roadmap
  • Drive high-velocity operations: Lead agile security sprints that harmonize vulnerability remediation and threat detection with feature development
  • Optimize the 'rhythm of the business' by automating manual GRC workflows, eliminating manual friction and moving us toward Compliance as Code
  • Translate telemetry into narrative: Distill complex security data and telemetry into compelling risk narratives for leadership while maintaining high-fidelity technical depth for engineers
  • Optimize the defensive roadmap: Command long-term strategic planning by aligning cloud infrastructure costs and security tooling with the company’s overarching defensive goals
  • Cultivate organizational excellence: Uphold a relentless culture of focus and accountability, identifying systemic inefficiencies and driving impact through superior tooling and process engineering
What we offer:
  • A great 401(k) plan: Our own! Our 401(k) includes a dollar-for-dollar employer match up to 4% of compensation (immediately vested) and $0 plan fees
  • Top-of-the-line health plans, as well as dental and vision insurance
  • Competitive time off and parental leave
  • Addition Wealth: Unlimited access to digital tools, financial professionals, and a knowledge center to help you understand your equity and support your financial wellness
  • Lyra: Enhanced Mental Health Support for Employees and dependents
  • Carrot: Fertility healthcare and family forming benefits
  • Candidly: Student loan resource to help you and your family plan, borrow, and repay student debt
  • Monthly work-from-home stipend
  • Quarterly lifestyle stipend
  • Engaging team-building experiences, ranging from virtual social events to team offsites, promoting collaboration and camaraderie
  • Fulltime

Cyber Security Analyst

We are looking for a Lead Cybersecurity Analyst who can take ownership of the or...
Location:
Canada, Montréal
Salary:
Not provided
Farenexus
Expiration Date:
Until further notice
Requirements:
  • Experience in cloud and application security, with hands-on AWS production environments
  • Strong knowledge of Java (Spring/Spring Boot) and frontend security (Vue.js)
  • Solid understanding of MySQL security and data protection
  • Experience with risk assessment, vulnerability management, and incident response
  • Working knowledge of DPAs, BCP/DR, VAPT, and bug bounty programs
  • Relevant security or cloud certifications such as AWS Security Specialty, CISSP, CISM, or similar
  • Experience with containerized workloads and Kubernetes security
  • Familiarity with modern authentication and authorization approaches such as OAuth2 and OpenID Connect
  • Experience working in agile or Descopes environments
Job Responsibility:
  • Define and maintain the organization’s security strategy, policies, standards, and architecture principles
  • Act as a security advisor to engineering, product, and leadership teams, ensuring alignment with business and regulatory requirements
  • Design and govern secure AWS architectures, including IAM, networking, and core AWS security services
  • Continuously assess cloud environments and drive remediation of security risks and misconfigurations
  • Lead application security reviews, threat modeling, and risk assessments for Java based backend services and Vue.js frontend applications
  • Embed security into the SDLC through secure coding practices, CI/CD security controls, and vulnerability management
  • Define and enforce data and database security controls, including encryption, access management, and auditing
  • Support compliance, audits, DPAs, BCDR planning, vulnerability assessments, and penetration testing activities
  • Lead incident response processes, security monitoring, and post-incident improvement initiatives
  • Collaborate with engineering and DevOps teams to promote a security-by-design culture and provide practical security guidance
What we offer:
  • Competitive compensation, benefits, and opportunities for growth

Infrastructure Senior Technology Analyst

The Infrastructure Senior Technology Analyst is an intermediate level role respo...
Location:
Singapore, Singapore
Salary:
Not provided
Citi
Expiration Date:
Until further notice
Requirements:
  • 6+ years' experience in I.T
  • 5+ years hands-on experience on middleware webhosting and application server products
  • Bachelor's degree in computer science or related field or equivalent combination of education and experience
  • Experience in IT security compliance and implementation and use of security protocols (SSL, Server certificates)
  • Good experience using Java, J2EE, XML, SQL and Shell/Perl/Python/PowerShell scripting in UNIX/Wintel environment
  • Experience in modernization of traditional web/app applications to Red Hat OpenShift containers & external Cloud
  • Reasonable experience with AI tools to automate current pain points in workflow
  • Familiarity with Compliance and risk management frameworks and methodologies (ISO27002, SDLC)
  • Initiative and ability to perform under pressure
  • Strong leadership, interpersonal and communication skills
Job Responsibility:
  • Create complex project plans and perform impact analyses
  • Solve/work high impact problems/projects and provide resolutions to restore services
  • Drive Root Cause Analysis (RCA) post restoration of service
  • Design testing approaches, complex processes, reporting streams, and create automation of repetitive tasks
  • Review requirement documents, define hardware requirements and examine and update processes and procedures
  • Provide technical/strategic direction and act as advisor/coach to lower-level analysts
  • Develop projects required for design of metrics, analytical tools, benchmarking activities and best practices
  • Provide expertise in application hosting technologies with specialized emphasis on IBM technologies (WebSphere/WebLogic Application Server, WebLogic Forms and Reports, IHS)
  • Provide expertise in other web hosting technologies like Microsoft IIS, Apache, Tomcat
  • Provide expertise in Java/J2EE deployments and Operating system scripting
  • Fulltime

API Business Analyst

The Digital S/W Engineer Intmd Analyst is a developing professional role. Deals ...
Location:
India, Pune; Chennai
Salary:
Not provided
Citi
Expiration Date:
Until further notice
Requirements:
  • Strong analytical and quantitative skills
  • Data driven and results-oriented
  • Experience in running high traffic, distributed, cloud based services
  • Experience in affecting large culture change
  • Experience leading infrastructure programs
  • Skilled at working with third party service providers
  • Excellent written and oral communication skills
  • Bachelor’s/University degree or equivalent experience
Job Responsibility:
  • Address a variety of responses to problems, questions, or situations by applying established criteria to directly influence development outcomes
  • Responsible for applications systems analysis and programming activities
  • Accountable for development, design, construction, testing and implementation and write secure, stable, testable and maintainable code
  • Expected to operate with autonomy
  • Engage in digital applications development, risk technology, Middleware, Mainframe applications, Non Mainframe applications, Analytic Model Development and Application support activities to meet specific business needs of user areas and to test systems to ensure integrity of deliverables
  • Expected to provide sound understanding of application development concepts and principles and a basic knowledge of concepts and principles in other technology areas
  • On occasion, may need to consult with users, clients and other technology groups on issues and recommend programming solutions for customer exposed systems
  • Take the time to fully learn the functionality, architecture, dependencies, and runtime properties of the systems involved with your projects
  • Understand the business context and the associated customer use cases
  • Understand the team’s technologies and are able to evaluate system designs and architecture as you participate in solution discussions, development and the creation of application / systems documentation
  • Fulltime

Technical Business Analyst

The Technical Business Analyst (TBA) serves as the vital bridge between business...
Location:
India, Chennai
Salary:
Not provided
Toppan Merrill
Expiration Date:
Until further notice
Requirements:
  • 3-5 years of experience as a Technical Business Analyst in IT development or data-driven environments
  • Strong understanding of ETL concepts and system integration
  • Hands-on experience with SQL, REST/SOAP APIs, JSON/XML, and data analysis
  • Familiarity with Agile/Scrum methodologies and tools such as Jira, Confluence, or Azure DevOps
  • Knowledge of UML, BPM tools, data warehousing and data governance/data quality frameworks
  • Excellent analytical, problem-solving, and critical-thinking abilities
  • Strong communication skills for both technical and non-technical audiences
  • High attention to detail with the ability to manage multiple priorities
  • Strong ownership mindset and accountability for deliverables
  • Flexibility to work during US business hours, including late evenings
Job Responsibility:
  • Collaborate with business stakeholders to gather, analyze, and document requirements, user stories, and acceptance criteria
  • Translate complex business needs into detailed functional and technical specifications
  • Work with solution architects and developers to design scalable and secure systems
  • Develop process models, data flow diagrams, interface specifications, and integration mappings
  • Identify opportunities to optimize and automate data and ETL processes
  • Perform detailed analysis of data flows, ETL pipelines, and system integrations
  • Support data migration, API design, and integration initiatives
  • Configure and maintain ETL tools/platforms to support business requirements and data integration needs
  • Monitor and troubleshoot ETL jobs, ensuring data accuracy and integrity
  • Develop and maintain documentation for ETL workflows, mappings, and transformations
  • Fulltime

Software Engineering Sr Analyst

Location:
United States, Plano
Salary:
134971.00 - 142000.00 USD / Year
Pepsico
Expiration Date:
Until further notice
Requirements:
  • Master's degree (US or Foreign Equivalent) in Computer Science, Information Technology, or related field
  • Three (3) years of experience in Software
  • Three (3) years of experience in: Proficiency in Java features, including OOP concepts, multithreading, exception handling, and collections framework
  • Spring Frameworks, including Spring Core, Spring Boot, Spring MVC, and Spring Data
  • Microservices architecture using Spring Boot
  • Development of RESTful APIs and SOAP webservices
  • Deploying Java applications to Azure/AWS Cloud technologies, working experience on Docker and Kubernetes
  • SQL Databases (MySQL and PostgreSQL) including stored procedures, triggers and query optimization
  • Exposure to NoSQL Databases (MongoDB and Redis)
  • Messaging systems including Kafka
Job Responsibility:
  • Design, develop, and maintain scalable Java-based applications using Spring Boot and related Spring frameworks (Spring MVC, Spring Data, Spring Security)
  • Developing RESTful web services, implementing and consuming large-scale web services
  • Develop microservices architecture-based solutions, ensuring modularity, reusability, and performance optimization
  • Design and implement RESTful APIs to enable integration with internal modules and external third-party systems
  • Work with Apache Kafka for building real-time data pipelines and messaging systems, including publishing, consuming, and stream processing
  • Participate in the complete software development lifecycle (SDLC), including requirements analysis, architecture design, coding, testing, deployment, and production support
  • Collaborate with product owners, business analysts, and QA teams to translate business requirements into technical specifications and deliver high-quality software
  • Implement unit testing and integration testing strategies using tools such as JUnit and Mockito to ensure application reliability
  • Utilize Git for source control and participate in peer code reviews to ensure code quality, consistency, and adherence to best practices
  • Deploy and manage services in containerized environments using Docker and orchestration platforms such as Kubernetes (if applicable)
  • Fulltime

Senior Software Development Engineer – .NET Core

The Senior Software Development Engineer will play a crucial role in leading the...
Location:
South Africa, Johannesburg
Salary:
Not provided
NTT DATA
Expiration Date:
Until further notice
Requirements:
  • 5–8 years of professional software development experience
  • Proven experience delivering production-grade .NET Core applications
  • Experience working in Agile teams with responsibility for significant solution components
  • Exposure to regulated or enterprise environments (e.g., healthcare, finance) is advantageous
  • Demonstrated experience supporting applications across the full SDLC, including post-deployment support
  • Bachelor’s degree in Computer Science, Engineering, or related field (advantageous) or equivalent practical experience
  • Microsoft or Azure-related certifications are advantageous
  • Additional certifications in software architecture or cloud technologies are beneficial
  • Strong technical problem-solving and analytical skills
  • Ability to work independently while contributing effectively within a team
Job Responsibility:
  • Design and develop robust .NET Core applications aligned to client business and operational requirements
  • Translate business and functional requirements into well-structured, scalable technical solutions
  • Take ownership of complex components, integrations, and critical code paths within the solution
  • Contribute to architectural decisions and ensure adherence to established patterns and best practices
  • Lead by example through high-quality code, testing discipline, and documentation
  • Actively participate in sprint planning, estimation, and delivery tracking using Azure DevOps
  • Perform code reviews and provide constructive guidance to intermediate and junior developers
  • Collaborate with testers, analysts, and DevOps engineers to ensure smooth end-to-end delivery
  • Support deployment, monitoring, and troubleshooting across non-production and production environments
  • Ensure solutions comply with security, governance, and regulatory standards applicable to client environments
  • Fulltime