Senior Product Security Engineer

Job Description

Senior Engineer - Product Security NielsenIQ is maturing its Application Security programs and is recruiting an Application Security Engineer who will be responsible for supporting the rollout of DevSecOps capabilities and practises across all geographies and business units. As the Application Security Engineer, you will be responsible for integration, maintenance and analyses of the tools and technologies used in securing NIQ products/application throughout their development. You will oversee application security capabilities within a multi-national matrixed environment. The application security engineer will have the opportunity to replace the current Static and Dynamic Application Security Tool and advocate for the tech stack used for monitoring. This position will involve working closely with development/engineering teams, business units, technical and non-technical stakeholders, educating them and driving the adoption and maturity of the NIQ s Product Application Security programs. Responsibilities Collaborate within Product Security Engineering and Cybersecurity teams to support delivery of its strategic initiatives. Work with engineering teams (Developers, SREs QAs) to ensure that products are secure on delivery and implement provided security capabilities. Actively contribute to building and maintaining Product Security team security tools and services, including integrations security tools in the CI/CD process Report on security key performance indicators (KPIs) to drive improvements across engineering teams security posture. Contribute to Product Security Engineering team security education program and become an advocate within the organization s DevSecOps and application security community of practice. Review IaaS / PaaS architecture roadmaps for the cloud to and recommend baseline security controls and hardening requirements, supporting threat modelling of NIQ s products. Qualifications 6+ years of experience working in a technical/hands-on application security, development, or DevOps professional environment. Working Knowledge of web stack, web security and common vulnerabilities (e.g. SQLi, XSS, beyond.) Experience deploying containers using CI/CD pipeline tools like GitHub Actions, Gitlab Pipelines, Jenkins, and Terraform or Helm Self-starter, technology and security hobbyist, enthusiast Lifelong learner with endless curiosity Bonus Points if you: Have experience building serverless functions in Cloud environments. Have knowledge of Cloud Workload Protection. Experience using SAST and DAST tools. Demonstrated engagement in security conferences, training, learning, associations is highly desired and fully supported. Ability to think like a hacker. Additional Information Our Benefits Flexible working environment Volunteer time off LinkedIn Learning Employee-Assistance-Program (EAP) About NIQ NIQ is an Advent International portfolio company with operations in 100+ markets, covering more than 90% of the world s population. For more information, visit NIQ.com Want to keep up with our latest updates