Senior Product Security Engineer (Penetration Testing)

Company Description

NIQ is the world’s leading consumer intelligence company, delivering the most complete understanding of consumer buying behavior and revealing new pathways to growth. In 2023, NIQ combined with GfK, bringing together the two industry leaders with unparalleled global reach. With a holistic retail read and the most comprehensive consumer insights—delivered with advanced analytics through state-of-the-art platforms—NIQ delivers the Full View™. NIQ is an Advent International portfolio company with operations in 100+ markets, covering more than 90% of the world’s population.

Job Description

NielsenIQ is maturing its Application Security programs and is recruiting an Application Security Engineer who will be responsible for supporting the rollout of DevSecOps capabilities and practises across all geographies and business units.

As the Application Security Engineer, you will be responsible for integration, maintenance and analyses of the tools and technologies used in securing NIQ products/application throughout their development. You will oversee application security capabilities within a multi-national matrixed environment. The application security engineer will have the opportunity to replace the current Static and Dynamic Application Security Tool and advocate for the tech stack used for monitoring. This position will involve working closely with development/engineering teams, business units, technical and non-technical stakeholders, educating them and driving the adoption and maturity of the NIQ’s Product & Application Security programs.

Responsibilities

• Collaborate within Product Security Engineering and Cybersecurity teams to support delivery of its strategic initiatives.
• Work with engineering teams (Developers, SREs & QAs) to ensure that products are secure on delivery and implement provided security capabilities.
• Actively contribute to building and maintaining Product Security team security tools and services, including integrations security tools in the CI/CD process
• Report on security key performance indicators (KPIs) to drive improvements across engineering teams’ security posture.
• Contribute to Product Security Engineering team security education program and become an advocate within the organization’s DevSecOps and application security community of practice.
• Review IaaS / PaaS architecture roadmaps for the cloud to and recommend baseline security controls and hardening requirements, supporting threat modelling of NIQ’s products.

Qualifications

• 5+ years of experience working in a technical/hands-on application security, development, or DevOps professional environment.
• Working Knowledge of web stack, web security and common vulnerabilities (e.g. SQLi, XSS, & beyond.)
• Experience deploying containers using CI/CD pipeline tools like GitHub Actions, Gitlab Pipelines, Jenkins, and Terraform or Helm
• Self-starter, technology and security hobbyist, enthusiast
• Lifelong learner with endless curiosity

Bonus Points If You:

• Have experience building serverless functions in Cloud environments.
• Have knowledge of Cloud Workload Protection.
• Experience using SAST and DAST tools.
• Demonstrated engagement in security conferences, training, learning, associations is highly desired and fully supported.
• Ability to think like a hacker.

Additional Information

Benefits:

• Exciting work environment that brings people together.
• Use the latest digital technologies.
• Ongoing trainings to support your development.
• Opportunities for personal and professional growth.
• Great compensation linked to individual performance and company results.

Our Benefits

• Flexible working environment
• Volunteer time off
• LinkedIn Learning
• Employee-Assistance-Program (EAP)

About Niq

NIQ is the world’s leading consumer intelligence company, delivering the most complete understanding of consumer buying behavior and revealing new pathways to growth. In 2023, NIQ combined with GfK, bringing together the two industry leaders with unparalleled global reach. With a holistic retail read and the most comprehensive consumer insights—delivered with advanced analytics through state-of-the-art platforms—NIQ delivers the Full View™. NIQ is an Advent International portfolio company with operations in 100+ markets, covering more than 90% of the world’s population.

• For more information, visit NIQ.com
• Want to keep up with our latest updates?
• Follow us on: LinkedIn | Instagram | Twitter | Facebook
• Our commitment to Diversity, Equity, and Inclusion

At NIQ, we are steadfast in our commitment to fostering an inclusive workplace that mirrors the rich diversity of the communities and markets we serve. We believe that embracing a wide range of perspectives drives innovation and excellence.  All employment decisions at NIQ are made without regard to race, color, religion, sex (including pregnancy, sexual orientation, or gender identity), national origin, age, disability, genetic information, marital status, veteran status, or any other characteristic protected by applicable laws. We invite individuals who share our dedication to inclusivity and equity to join us in making a meaningful impact. To learn more about our ongoing efforts in diversity and inclusion, please visit the https://nielseniq.com/global/en/news-center/diversity-inclusion