$100K — $150K *
Product Security Engineers are responsible for the end-to-end security of the assigned Alcon product(s) and working closely with R&D staff in achieving product and security objectives. The product security engineers are knowledgeable in key aspects of the hardware; software, protocols, cloud and related infrastructure technology stack. We are looking for passionate security professional with experience of working with software/application development, in a regulated industry supporting the implementation of secure development practices, threat modeling, architecture, design, vulnerability assessment and security verification/validation.
The responsibilities include but is not limited to:
• Perform architecture reviews as part of product security process
• Contribute to threat modeling and security risk assessments
• Contributes to security requirements/use cases development
• Influencing product features and roadmaps
• Manage and implement security in assigned products
• Develop/contribute success criterial for security product/solution testing
• Being a technical lead and guidance for product teams
• Support in security compliance/regulatory documentation
• Building capabilities, tools, and help automate where possible driving improvements to Alcon product security process and practices
• Lead vulnerability/incident assessment in alignment with security vision
This position may sit at any Alcon location US or International.
Fort Worth, TX
Johns Creek, GA
Sinking Spring, PA
Europe Alcon Locations
• Bachelor’s Degree or Equivalent years of directly related experience (or high school +13 yrs; Assoc.+9 yrs; M.S.+2 yrs; PhD+0 yrs)
• The ability to fluently read, write, understand, and communicate in English
• 5 Years of Relevant Experience
• Industry experience in a regulatory environment.
• Working knowledge in Cybersecurity with software/application or product development.
• Technical skills security in multiple technologies in the areas of:
• Operating Systems: Windows/Linux/Ubuntu
• Cloud Containers, security controls for IaaS, PaaS, Serverless: AWS, Google Cloud Platform, Azure, identity and Management, Encryption/data protection, Key Management, Software security, cloud development areas
• Programming skills (Java, Python, C/C++/C#)
• Secure Development Processes including threat modeling, security requirements, test automation, vulnerability management etc.
• Various technology stack including UX, Databases, middleware, applications etc.
Valid through: 12/4/2020