Job Information
Autodesk Principal Application Security Engineer in Bengaluru, India
Job Requisition ID #
24WD79583
Position Overview
Our team of security experts helps Autodesk design, build, deploy and maintain secure products. We are embedding security in the full spectrum of how we build our products from inception, design, development, testing to how we are running them in the cloud as well as how we are responding to any existing or emerging threats to our products or the building blocks of our products and services. Our job is to be one step ahead of the bad guys and use expertise, technology and other resources to thwart their efforts to compromise our products and the environment in which they operate. Our team keeps a single-minded focus on protecting our customer's data and their investment in our products by strengthening our applications, underlying services and network.
We are looking for a passionate Principal Application Security Engineer to drive strategic direction, develop standards, guidelines, and policies for our application security program. You will lead "shift-left" security efforts to build security into the software development lifecycle (SDLC). You will drive a standardized set of security requirements and align policies to meet external regulatory requirements. Come practice and grow your security expertise at scale to keep Autodesk one step ahead of our adversaries!
You will report to Sr. Manager, Application Security Engineering. This is a hybrid position in Bengaluru, India.
Responsibilities
Define our application security strategies, standards, policies, and roadmaps and champion their implementation.
Guide product stakeholders and teams to incorporate security into the SDLC.
Evaluate the threat landscape through architecture reviews, secure code reviews, and threat models.
Explore new and emerging technologies to identify security solutions to fill gaps or enhance capability and security value.
Review output from SAST, DAST, and SCA tools and provide feedback on results.
Establish security metrics and define KPIs for the application security program.
Assist PSIRT with analysis on vulnerability reports submitted by researchers and root cause analysis.
Assist in creation of security training and workshops for application teams.
Minimum Qualifications
8+ years of experience in application security including web application experience, desktop application experience, and secure coding practices.
Familiarity with industry standards and frameworks, such as OWASP Top Ten Project, NIST Cybersecurity Framework, SSDF, SLSA, etc.
Expertise in threat modeling methodologies and tools.
Familiarity with Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), and Software Composition Analysis tools and methodologies
Experience with cloud computing technologies, especially AWS (Amazon Web Services) or Azure.
Experience with Git, Jenkins, Artifactory, or other similar technologies.
Experience collaborating with distributed teams and other partners.
Preferred Qualifications
Proficiency with at least one common programming language such as Python, Golang, Java, C/C++, or Javascript.
Experience with PKI/certificates and cryptography.
#LI-CL1
Learn More
About Autodesk
Welcome to Autodesk! Amazing things are created every day with our software – from the greenest buildings and cleanest cars to the smartest factories and biggest hit movies. We help innovators turn their ideas into reality, transforming not only how things are made, but what can be made.
We take great pride in our culture here at Autodesk – our Culture Code is at the core of everything we do. Our values and ways of working help our people thrive and realize their potential, which leads to even better outcomes for our customers.
When you’re an Autodesker, you can be your whole, authentic self and do meaningful work that helps build a better future for all. Ready to shape the world and your future? Join us!
Salary transparency
Salary is one part of Autodesk’s competitive compensation package. Offers are based on the candidate’s experience and geographic location. In addition to base salaries, we also have a significant emphasis on discretionary annual cash bonuses, commissions for sales roles, stock or long-term incentive cash grants, and a comprehensive benefits package.
Diversity & Belonging
We take pride in cultivating a culture of belonging and an equitable workplace where everyone can thrive. Learn more here: https://www.autodesk.com/company/diversity-and-belonging
Are you an existing contractor or consultant with Autodesk?
Please search for open jobs and apply internally (not on this external site).