Role open to remote US and Canada Key Responsibilities
- Partner with various stake holder groups, to promote and build a culture of security and ensure products are designed and built securelyPartner with security operations, business teams and product development teams to promote awareness of security initiatives and conduct/support product security assessments
- Partner with software development teams across Applied to conduct and implement secure SDLC concepts such as training, identify security requirements, threat modeling, code/design reviews, and security testing
- Partner with software development teams to implement processes and tools to enable code analysis, vulnerability assessment, open-source license compliance
- Have considerable experience in performing application security/penetration testing using manual and automated tools
- Ability to interpret security tools and penetration testing results to stakeholders and provide advice on vulnerability remediation and risk mitigation
- Should have good understanding of DevSecOps concepts/principles and cloud native services, to enable secure development and deployment of applications in the Cloud
- Work with Information Security and Information Technology teams to build & maintain controls to manage varied risks including application and cyber risks
- Work with a global team to help implement and monitor security controls to proactively identify application security issues
- Create relevant documentation and metrics to your stakeholders and business leaders and deliver these in a clear, concise manner.
- Work across teams to develop and define project/program information security metrics & dashboards.
- Monitor events, collate and analyze data to assess the environment for information security risk, policy violations, & unusual activity and perform root cause analysis.
- Architect and implement new or updates to security solutions. Provide technical advice to clients and teams on design, installation and maintenance of information security.
- Evaluate on-premise & Cloud services to ensure information and personal information security. Work with the end users and project teams to design, implement and support information security best practices.
- Bachelor's degree or equivalent experience in Security
- Minimum 6 to 8 years of experience in Application and/or product security
- A thorough understanding of common application security tools, code libraries and documentation.
- Understanding of threat modeling, security vulnerabilities, attacker exploit techniques, and methods for their remediation.
- Familiarity with the tools for various security activities: Static Code Analysis, DAST Penetration Testing, Intrusion Detection/Prevention, etc.
- Experience with web application penetration testing
- Experience in performing source code review
- Working knowledge of one scripting language and or familiarity with at least one software programming language and a framework is a plus
- Excellent written and verbal communication skills with the ability to adapt messaging to executive, technical, and non-technical audiences.
- Certification in any security area is a plus
- Experience working in semi-conductor industry is a plus
Bachelor's Degree Skills Certifications: Languages: Years of Experience:
4 - 7 Years Work Experience: Additional Information Travel:
No Relocation Eligible:
Applied Materials is an Equal Opportunity Employer committed to diversity in the workplace. All qualified applicants will receive consideration for employment without regard to race, color, national origin, citizenship, ancestry, religion, creed, sex, sexual orientation, gender identity, age, disability, veteran or military status, or any other basis prohibited by law.