Product Security Specialist - Docker/Kubernetes

Job Description : Key Responsibilities : - Embed security into the Software Development Life Cycle (SSDLC), ensuring the adoption of secure design, coding, and testing practices. - Conduct SAST (Static Application Security Testing), DAST (Dynamic Application Security Testing), and Open Source Security (OSS) assessments to identify and remediate vulnerabilities. - Perform penetration testing and Open-Source Intelligence (OSINT) investigations to uncover security weaknesses. - Leverage OWASP methodologies and frameworks to improve security postures. - Ensure compliance with global security frameworks (e., GDPR, ISO 27001, NIST, SOC 2, CAIQ) and assess their impact on data protection. - Actively contribute to security initiatives, collaborating with developers, DevOps engineers, and product managers to drive secure development practices. - Investigate emerging technologies to enhance product security. - Build a strong communication methodology to ensure effective communication to key stakeholders. - Manage projects to timeframes. - Operationalize and enhance our Penetration Testing as a Service (PTaaS) and Cookie management platforms, working with product leads. - Challenge, validate, and support proposed solutions/designs. - Working with Project Managers to identify, understand and proactively mitigate potential issues. - Reporting & escalation of concerns & issues and develop necessary plans to mitigate any risks. - Work closely with client facing resources to ensure potential issues are understood and action taken Desired Expertise : - Experience in Cloud Security and securing cloud environments. - Knowledge of Container Security, including Kubernetes and Docker hardening practices. - Understanding of Security Architecture principles and best practices. - Experience with Azure DevOps, GitHub security controls, and common CI/CD security practices and pipelines. - Proficiency with security tools such as Burp Suite, Kali Linux, and other security testing platforms. - Ability to stay ahead of evolving threats and integrate security into emerging technologies. - Experience building relationships and gaining credibility with all levels of an organization. - Demonstrated experience with working with diverse operational teams. - Strong working knowledge of Microsoft 365 applications and general technical literacy. - Experience in operational, process, and performance improvement projects and programmer including process mapping and process / time management : - Stay organized and execute tasks within the defined timeframe - Deliver outstanding work to tight deadlines and manage a diverse workload - Pay attention to detail and delivers high quality reports. - Strong Communication skills: presents and communicates effectively. - Ideally 2 years of Security Consultancy/DevOps or SSDLC experience working within or alongside a development team, with a track record of analyzing and implementing security enhancements. - Ideally 4 years of experience in a security testing function, with a proven ability to Analyse and interpret vulnerability reports and priorities actions to minimize risk. (ref:hirist.tech)

Location: mumbai, IN

Posted Date: 3/26/2025