Lead Software Engineer - Product Security
Location: Bangalore, Karnataka IN
Job Number: 29368
Position Title: Lead Software Engineer
Informatica is the clear market leader of the Integration Platform-as-a-Service (iPaaS) and on Prem Data Integration software providers with a wide variety of products like Data Integration, Data Quality, Information Lifecycle Management, Test Data Management, Master Management, and other Enterprise Information Management. Thousands of customers rely on our service to move billions of records daily. The Product Security team plays a key role in the success of Informatica’s Product and Cloud Transformation journey. We implement industry-leading technologies and practices to bake in scalability, reliability, and security during product design. We ensure security and compliance are integral parts of Informatica’s core values of continuous innovation and customer delight.
- Define and manage the end to end process for reporting and remediating vulnerabilities across all Informatica products, applications, and services.
- Act as technical subject matter expert for secure application design reviews, technical application design reference architectures, and secure code development practices.
- Closely work with engineering teams to analyze the root cause and remedy
- Help improve security and risk posture and solve scalability challenges with engineering teams
- Automating security assessments to make the global security team more efficient, integrating systems and processes together, ultimately finding security flaws
- Build and maintain processes that enable developers to self-serve for most operational tasks.
- Participate in threat modeling, conduct reviews of security architecture and platform/service designs, and audit source code
- Introduce and develop new approaches for vulnerability hunting. Suggest and guide new approaches/ tools for efficient issue detection
- Exposure to DevOps automation like Orchestration/Configuration Management and CI/CD tools (Jenkins) for integrating product security lifecycle with CI/CD pipelines
- A degree in Computer Science in Software engineering or Information technology or related fields
- 5+ years of experience in a technical role in the areas of Security Operations, Threat Intelligence, Cyber Incident Response, or Penetration Testing/Red Team
- Familiarity with the leading toolsets including continuous penetration testing (with a thorough understanding of OWASP Top 10), automation, and SAST/DAST/SCA tools (Veracode, BlackDuck, Burp, Zap, etc).
- Possess a solid understanding of the Linux or Unix family of OS and their underlying components/ Networking basics.
- Advanced experience using analysis tools (e.g. file/network/OS monitoring tools and/or debuggers)
- Advanced knowledge of system internals and security mechanisms
- Exposure to the public cloud platform (AWS, Azure, Google Cloud)
- Understanding of security in a Microservice architecture and in-depth knowledge of cloud-native security controls and solutions.
- understanding of trends in cloud, cloud security, and information security
- understanding of Enterprise Networks, Network Security, Identity Access Management, Data Security, application security
- Hands-on experience in scripting e.g. Bourne/Korn Shell, Python/Perl/Ruby/Go
- Strong interpersonal skills with the ability to communicate and work effectively across the organization.
- Very comfortable working in an agile DevOps oriented capacity, alongside Development partners
- Possess analytical skills and the ability to think systematically under stressful conditions
- Highly accountable and takes ownership. Outstanding work ethic, high-integrity, team player, and a lifelong learner.
Nice to Have:
- Security Certifications
- Excellent programming experience (design, coding & debugging) and secure code review skills for applications built on modern tech stacks like Java, Node, Go, PHP, Python, Angular, React, NoSQL, etc.
- Contributions to open-source projects
Seniority Level: Mid-Senior Level
Alternative Location(s) :
Community / Marketing Title: Lead Software Engineer - Product Security
LinkedIN Hashtag: LI-AD1
Unleash Your Potential
A career with Informatica gives you all the opportunities and benefits that can only come from working for the trusted industry leader. By joining our team, you'll be able to solve real-life problems, make a difference, have a global impact, and join a supportive group of globally diverse teammates. We encourage you to be yourself, grow with us and unleash your potential.
EEO Employer Verbiage:
Informatica is the enterprise cloud data management leader, helping enterprises overcome critical business challenges by leading with the power of data. Processing over 15 trillion cloud transactions a month, Informatica enables the world’s most innovative companies to take a cloud-first, cloud-native approach to modernize their data infrastructure, gain a 360-degree view of their business, and drive data governance and privacy. Informatica is the market leader in all five key categories of enterprise data management and has been the trusted partner to more than 9,500 customers. Connect with Informatica at www.informatica.com, LinkedIn, Twitter, and Facebook.
Conquering the Impossible with data, come join #LifeAtINFA!
All qualified applicants will receive consideration for employment without regard to race, sex, color, religion, sexual orientation, gender identity, national origin, protected veteran status, or on the basis of disability.
Travel Requirement: Limited
Location_formattedLocationLong: Bangalore, Karnataka IN