Product Security EngineerEngineering | Morrisville, NC (RTP), United States
1) The tissue in plants that brings water upward from the roots;
2) a leading global water technology company.
Xylem, a leading global water technology company dedicated to solving the world’s most challenging water issues, is the leading global provider of efficient, innovative and sustainable water technologies improving the way water is used, managed, conserved and re-used. Our international team is unified in a common purpose: creating advanced technology and other trusted solutions to solve the world’s water challenges. We are committed to creating an organization of inclusion and diversity, where everyone feels involved, respected, valued and connected, and where everyone is free to bring their authentic selves and ideas.
If you are excited and passionate about helping us #letssolvewater, we want to hear from you!
The Role: Sensus, a Xylem brand, seeks to hire a Product Security Engineer to join the security technologies team. The Product Security Engineer will be responsible for collaborating with the development team and implementing a secure architecture across Sensus technology platforms with a focus on software applications. This position will work across software and hardware development teams to identify component and system level technical risks, identify and evaluate critical failure points, determine technical security controls to mitigate risks, prioritize and schedule controls with product development timelines, and work with cross functional teams to implement features according to product maps.
Essential Duties/Principal Responsibilities:
- Provides the project team guidance and leadership on best practices regarding security in software development, user interface design frameworks, high performance messaging solutions, server-side development, integrations, communication protocols, and tools and technologies
- Contribute to the development and evolution of the application and infrastructure security reference architecture. Develop, implement and maintain the security architecture for Sensus product portfolio
- Risk analysis, risk management, and communication of results with software/hardware development managers
- Support the Sensus product Security Development Lifecycle (SDLC). This includes security testing, penetration testing identifying and fixing vulnerabilities in software and applications on all Sensus products.
- Perform vulnerability research, assessment, and management, serve as technical security/risk advisor on all new technology developed by Sensus
- Perform threat modeling, static application security testing, code reviews, and secure design reviews for high risk applications.
- Determine testing requirements and strategies, automate security testing using a variety of scripting and open source tools
- Implement or manage the implementation of common application security controls, ensuring that practices meet software certification processes
- Assist developers in remediating vulnerability findings by providing line-by-line guidance.
- Maintain knowledge of current and emerging technologies / products / trends related to security architectural solutions
- Participation in Xylem Watermark volunteer activities
Minimum Qualifications: Education, Experience, Skills, Abilities, License/Certification:
- BSCS or equivalent with 2-5 year’s relevant experience
- Demonstrated programming knowledge– Java, C#, C
- Technical experience in Security/Identity Management including SSO, LDAP, MFA and Provisioning
- Operating systems knowledge – Windows (all flavors), Red Hat Linux, Debian Linux
- Security audit, Vulnerability assessment and packet analysis skills
- Encryption knowledge, HSM (Hardware Security Modules)
- Database knowledge – Postgres, SQL, Oracle
- Good analytical and debugging skills; creative ability, good organizational skills
- Self-motivated; ability to work under general supervision; receptive and supportive of team efforts
- CEH/ CISSP or another security certification
- Excellent written & oral communication skills and coordination with peers, end-users, and management
- Professional Development – To advance the capabilities of our people, we offer a wide variety of experiences to support our employees’ professional growth and continuous learning.
- Total Rewards – We offer comprehensive programs for compensation, benefits, recognition, learning and development, work-life integration and corporate citizenship.
- Watermark– Watermark is our corporate social responsibility program working to provide education and access to safe water to ensure healthy lives, gender equality, and resilient communities. Employees have the opportunity to learn and volunteer on various water-related projects.
- Employee Networks– Our Employee Networks provide a professional, supportive network for employees from diverse backgrounds, including Women’s, LGBT+ and Allies, Veteran’s, People of Color and Allies, Hispanic Origin & Latin Affinity, Emerging Leaders, and Working Parents Networks.
Physical Demands/Work Environment:
(The physical demands and work environment described here are representative of those an employee encounters and must be met to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.)
- Regularly required to sit or stand, reach, bend and move about the facility
- Office: Standard office equipment; work usually performed in an office setting free from any disagreeable elements.
- Standard weekly job hours: 40 hours
Xylem is an Equal Opportunity Employer. Employment decisions are made without regard to race, color, religion, national or ethnic origin, sex, sexual orientation, gender identity or expression, age, disability, protected veteran status or other characteristics protected by law.