Product Security Lead

ZEISS in India

ZEISS in India is headquartered in Bengaluru and present in the fields of Industrial Quality Solutions, Research Microscopy Solutions, Medical Technology, Vision Care and Sports & Cine Optics.

ZEISS India has 3 production facilities, R&D center, Global IT services and about 40 Sales & Service offices in almost all Tier I and Tier II cities in India. With 2200+ employees and continued investments over 25 years in India, ZEISS’ success story in India is continuing at a rapid pace.

Further information at ZEISS India.

Design security controls and help validate that our services, applications, and emerging technologies are designed and implemented to the highest security standards and applicable best practices

Analyze the security of applications and services, discovering and addressing security issues, building security automation, and appropriately identifying the action(s) to mitigate emerging threats throughout a full secure development life-cycle (SDLC).

Deploying, Migration to and Maintaining solutions in accordance with company security policies and best practices in product security in closely working with the Security Engineers of the Projects respectively

Identifying, analyzing, and resolving infrastructure vulnerabilities and product security issues in closely working with the Security Engineers of the Projects respectively

oCollege degree or / equivalent and 8-10 years related work experience, required

oMinimum of 5 to 6 years of professional experience with any combination of at least 2 technical disciplines, including the following: cloud security, network security, application security, mobile security, secure development methodologies, software development and coding, identity management, authentication and authorization, network architecture, system administration, and systems engineering

oStrong experience in conducting security assessments, including penetration testing

oAn understanding of networking and communication protocols (such as TCP/IP, UDP, SSL/TLS, IPSEC, HTTP, HTTPS, BGP)

oAn understanding of cryptography, web service frameworks, mobile application architectures, and service architectures (such as event-driven, service-oriented, or serverless architectures)

oFamiliarity with reverse engineering or vulnerability research, physical, infrastructure, or hardware security

oExperience with one or more programming languages (such as Java, C++, Ruby, Python, Perl) for the purpose of code review

oExperience and exposure to threat modeling and design reviews to assess security implications and requirements for introduction of new technologies

oExperience representing technical viewpoints to diverse audiences and in making timely and prudent technical risk decisions

oExperience with enterprise architecture and working as part of a cross-functional team to implement solutions

Your ZEISS Recruiting Team:

Sikcha Chhetri, Upasana Sinal