The Application Security Engineer is a critical member of the secure application development team and responsible for verifying the required security controls are integrated in product/Service. The Application Security Analysts is responsible for ensuring that application developers have closed security vulnerability gaps found in the applications and have built mitigating controls into HealthSuite Digital Platform (HSDP) products, services and operations.
As part of the larger HSDP Privacy and Security Team, the Application Security Engineer -
Should be able to understand the Application security risks that as a part of security risk assessments and Threat modeling of applications
Create and execute the corresponding security test cases to verify that the mitigations are properly implemented in the application.
Understand and analyze the application code.
Able to perform Static and Dynamic code analysis
Able to guide and support development teams to fix the security vulnerabilities in the code.
3 -7 years of work experience in Application Security
Understanding and familiarity with common code review methods and standards
Experience with static analysis tools (e.g., IBM Appscan Source, HP Fortify)
Application development experience
Experience in a wide variety of languages, which includes C/C++, Java, .Net, Perl, Python and etc.
Research and pilot new services / technologies to support secure software development
Knowledge of standard SDLC practices
Experience in application security penetration testing
Experience in tools like HP Webinspect/IBM Appscan/Acunetix and open source tools like burp, OWASP ZAP, CSRF tester etc, Burp Suite
Experience with Open Web Application Security Project (OWASP) standards, Open Source Security Testing Methodology Manual (OSSTMM) methodologies
Knowledge in cloud & Big data application security testing
Sufficient understanding or exposure to testing application on below technology will be helpful
Data storage for SQL, Oracle etc.
Big Data / Analytics / Cloud
Bachelor degree required
Degree or concentration in Computer Science, Information Systems, Information Security or similar preferred.
Preferred Security certifications
Security certifications like
Why should you join Philips?
Working at Philips is more than a job. It’s a calling to create a healthier society through meaningful work, focused on improving 3 billion lives a year by delivering innovative solutions across the health continuum at http://www.philips.com/b-dam/corporate/corporateblog/2016/PhilipsChronicDisease_5.jpg . Our people experience a variety of unexpected moments when their lives and careers come together in meaningful ways.
To find out more about what it’s like working for Philips at a personal level, visit the Working at Philips page at http://www.philips.com/a-w/careers/healthtech/working-at-philips/working-at-philips.html on our career website, where you can read stories from our employee blog at http://www.usa.philips.com/a-w/our-people/life-at-philips.html . Once there, you can also learn about our recruitment process at http://www.philips.com/a-w/careers/healthtech.html , or find answers to some of the frequently asked questions at http://www.philips.com/a-w/careers/healthtech/faq.html .