Senior Engineer, Product Security - News Corp Job in News Corp

What You ll Do We are seeking an experienced and skilled Sr Product Security Engineer to join our team and spearhead the Product Security Life Cycle. In this critical role, you will collaborate closely with Global product teams, develop threat models, coordinate penetration tests, and facilitate the resolution of security issues. Your expertise will be crucial in developing and maintaining our application security pipeline automation while ensuring compliance with industry standards and best practices. Responsibilities Establish and maintain strong relationships with product engineering teams, providing guidance on application security processes and objectives. Create comprehensive threat models and attack trees for our products, identifying potential vulnerabilities and areas for improvement. Manage the penetration testing process, working closely with third-party testers to generate detailed reports, recommend remediation strategies, and effectively communicate results to development teams and product owners. Ensure product risk levels align with business requirements and oversee the creation of risk memorandums with product owner sign-off. Collaborate with audit teams to guarantee compliance with relevant regulations and standards. Support GRC initiatives by conveying risk levels, enabling informed decisions on retesting schedules and priorities. Serve as a SME for product security, providing insights and recommendations to enhance overall security posture. Required Experience & Qualifications Degree in Technology, Computer Science/Engineering, Cybersecurity, a related field or equivalent experience Strong background in Application Security techniques and best practices Strong Problem Solving and Troubleshooting skills within automation scripts Possess excellent interpersonal and communication skills required to partner with other leaders across the global business to identify opportunities and risks Proficiency in threat modelling and risk assessment methodologies Solid understanding of Software Development principles Experience with programming languages such as Bash, Python, Node, and TypeScript. At Least one programming language is a MUST Knowledge of penetration testing processes and report generation Expertise in leading security assessments within AWS environments Familiarity with development tools (e.g., Git, Jenkins, Maven) Hands-on experience with security testing tools, including Snyk, Checkmarx, Nikto, and Nmap Proficiency in SAST, DAST, and SCA vulnerability triage and assessment Agile project management experience (e.g., Jira) This job is posted with NTS Technology Services Pvt. Ltd.