Minimum Education: Bachelor's Degree (S1)
Work Experience:
- At least 3 years of experience in application security or product security within complex software environments.
- Experience in conducting product security risk assessments, hazard analysis, and providing vulnerability mitigation guidance.
Technical Skills:
- Product Security: Deep knowledge of software security principles, including threat modeling, security risk analysis, and product security documentation.
- Risk Analysis: Ability to lead product security risk assessments, including identifying and mitigating potential threats throughout the product lifecycle.
- Security Testing: Familiarity with security testing processes such as penetration testing, code review, and understanding of common software vulnerabilities (e.g., OWASP Top 10).
- Programming Languages: Proficiency in one or more programming languages (e.g., PHP, Java) to assist with collaboration with development teams and reviewing technical designs.
- Document Management Systems: Experience with document management systems related to security, as well as approval processes for product documentation.
Additional Qualifications:
- Relevant security certifications (e.g., CEH, OSCP, etc.) are a plus.
- Knowledge of software quality standards and procedures, as well as compliance with policies.
- Ability to collaborate with other technical teams.
- Ability to act as a Subject Matter Expert (SME) in product security, with the capability to manage the security roadmap in collaboration with development teams.
