Product Security Engineer - Secure SDLC Analyst

Hewlett Packard Enterprise

Location:
United States, San Juan

Contract Type:
Not provided

Salary:

Not provided

Job Description:

HPE Aruba Networking is looking for a person excited to work at the intersection of software engineering, security, and assurance and trust. HPE Aruba Networking produces a variety of types of software, from embedded firmware to Linux-based appliances to containerized cloud applications, but what these all have in common is a need to build security in from the beginning and to demonstrate to our customers that these products are trustworthy for use in their own environments. This Secure SDLC role is part cybersecurity auditor, part consultant, part implementor who can work directly with software engineering teams on how to continually improve security maturity.

Job Responsibility:

  • Assist in the execution of product compliance assessments against various frameworks (e.g. NIST SSDF, NIST SP 800-218, SP 800-53, CIS Benchmarks)
  • Assist in the development and/or maintenance of GRC and SDLC tooling implementations, including scripting and automation
  • Operate as a representative of HPE Aruba in working groups, with government representatives, and with auditors
  • Provide consulting, information, and advice to product teams around implementing and improving the maturity of our SDLC
  • Document known issues and provide information to product teams in a manner which allows for easy interpretation and corrective actions to be performed
  • Monitor worldwide government standards and communicate to management and product teams when changes are made that may impact an existing control or introduce new requirements

Requirements:

  • BS in Information Security, Computer Science, or related technical field
  • A background in software security, either academic or work experience, including reverse engineering, vulnerability classes such as buffer overflows and their prevention, web application security, and/or cloud security
  • Programming knowledge of at least one programming language with the ability to look at source code and figure out what it’s doing
  • Familiarity with the purpose of tools such as IDEs, compilers, source code revision control systems, ASPM, SCA and code scanners
  • Minimum 3 years of experience working directly in software engineering or in an adjacent field with exposure to the software engineering environment
  • Experience conducting risk assessments, threat modeling, and/or compliance assessments
  • Experience supporting the integration of security practices through the software development lifecycle

Nice to have:

  • Industry certifications such as CISSP, CISA, CCSP, CSSLP, CGRC, or GIAC
  • Knowledge of relevant regulations and standards and how to interpret and implement these requirements within the organization's products
  • Ability to develop and implement security policies, procedures, and guidelines that align with organizational goals and compliance requirements
  • Technical experience with scripting and automation
  • Experience with participating in or leading external security standards communities or working groups
  • Familiarity with the Agile development methodology
  • Ability to manage security projects, setting priorities, and meeting deadlines as an independent performer
  • Strong communicator with ability to collaborate with various teams
  • Experience with ASPM, SCA, DAST and SAST tools
  • Experience with Project Management software (e.g. Jira, Asana, Confluence)
  • Experience with the procurement process for IT tools, particularly with product evaluations

What we offer:

  • Health & Wellbeing
  • Personal & Professional Development
  • Unconditional Inclusion

Additional Information:

Job Posted:
July 09, 2025

Employment Type:
Fulltime
Work Type:
Hybrid work