Lead Application Security Engineer
Pune, Maharashtra, India
Full Time
1 week ago
Visa Sponsorship
Key skills
AzureCloudCyber SecurityJavaNode.jsPHPPythonRubyGoAIMLGenAILLMNodeJSAzure DevOpsPrismaGitHubSource ControlCI/CDCheckmarxOWASP
About this role
Role Overview
- Collaborate with business segment cybersecurity teams on application security and AI security technology adoption
- Drive best practices and sound design principles through the Secure Software Development Lifecycle (SSDLC) for both traditional and AI-enabled applications
- Educate teams across Baker Hughes Power on secure development best practices, AI/GenAI security risks, tools, and methodologies
- Participate in code reviews across teams to ensure secure coding practices and secure AI model integration
- Manage key application security programs – including Container Security implementation and AI security enablement
- Lead projects to drive the assessment, operationalization, and adoption of new technologies, platforms, tools, and frameworks
- Pentest AI/LLM-based systems
- Drive adoption of practices aligned with OWASP Top 10 for LLM Applications
- Partner with engineering and data teams to ensure secure design, deployment, and monitoring of AI models and services and adoption of new technologies, platforms, tools, and frameworks
Requirements
- Have a Bachelor's Degree in Computer Science or “STEM” Majors (Science, Technology, Engineering and Math)
- Have a minimum 8 years of professional experience
- Have working knowledge of application security services such as SAST, SCA, DAST, Container Security, and AI/GenAI security controls and pentest
- Have experience managing or deploying Container Security solutions and/or securing cloud-native workloads
- Have working knowledge of OWASP Web/API vulnerabilities and OWASP Top 10 for LLM/AI applications, along with compensating controls
- Have experience with Java / NodeJS / Go / PHP / Python / Ruby , with exposure to AI/ML frameworks or integrations (preferred)
- Have Software Development Lifecycle and application security testing experience, including security integration into CI/CD pipelines
- Have working knowledge of source control tools such as GitHub or Azure DevOps
- Have experience with Application Security solutions such as BlackDuck / Checkmarx / Prisma Container Security, and familiarity with AI/ML security tools or platforms is a plus
Tech Stack
- Azure
- Cloud
- Cyber Security
- Java
- Node.js
- PHP
- Python
- Ruby
- Go
Benefits
- Contemporary work-life balance policies and wellbeing activities
- Comprehensive private medical care options
- Safety net of life insurance and disability programs
- Tailored financial programs
- Additional elected or voluntary benefits