Job Description – Product Security Analyst
Location: Bangalore
Job Type: Full Time
Experience: 2+ Years
Notice Period: 15-30 Days
Salary: 5-6 LPA

Overview:
We are looking for a talented and dedicated Product Security Analyst to join our team in Bangalore. The ideal candidate will have a minimum of 2 years of experience in security analysis and a passion for ensuring the security of software products throughout their lifecycle. You will work closely with development teams to identify vulnerabilities, conduct security assessments, and implement solutions to enhance the security posture of our products.

Key Responsibilities:

Conduct security assessments and penetration testing of software products, identifying vulnerabilities and weaknesses.
Perform threat modeling and risk analysis to understand security risks associated with product features and implementations.
Collaborate with development and product teams to integrate security best practices into the software development lifecycle (SDLC).
Review code and product designs to ensure secure coding practices are being followed and identify potential vulnerabilities.
Work with cross-functional teams to create and implement security measures for new features and products.
Track, report, and resolve security issues across various products, ensuring vulnerabilities are patched or mitigated.
Stay updated on the latest security threats, vulnerabilities, and industry trends to proactively address security challenges.
Provide recommendations to enhance product security and ensure compliance with security standards and best practices.
Assist in the creation and maintenance of security documentation, including security guidelines, policies, and procedures.
Qualifications:

Minimum 2 years of experience in product security, software security analysis, or a related role.
Strong understanding of secure software development practices and common security vulnerabilities (e.g., OWASP Top 10, SQL Injection, XSS).
Hands-on experience with security tools for static and dynamic analysis (e.g., Fortify, Checkmarx, Burp Suite, OWASP ZAP).
Familiarity with various programming languages (e.g., Java, Python, C++) and their security implications.
Understanding of risk management, threat modeling, and vulnerability assessment techniques.
Ability to conduct in-depth security assessments and provide actionable recommendations.
Bachelor’s degree in Computer Science, Cybersecurity, Information Security, or a related field.
Preferred Skills:

Certifications such as CISSP, CEH, or OSCP are a plus.