Software Technologist - Security Engineer
Indexed description
Software Technologist - Security Engineer
Job Description
Minimum required Education:
Bachelor's Degree in Computer Science, Software Engineering, Information Technology OR Vocational Education in Information Technology or equivalent.
Minimum Required Experience
We are looking for a highly skilled Application Security Engineer with strong software engineering experience in Java and/or C#/.NET, who can drive security throughout the software development lifecycle.
The ideal candidate will combine deep application security expertise with hands-on development experience to design, build, review, and secure modern cloud-native applications, APIs, and microservices.
This role requires collaboration with engineering, architecture, DevOps, cloud, and product teams to embed security controls, identify vulnerabilities, and ensure secure-by-design solutions across enterprise platforms.
Job Title
Software Technologist - Security Engineer
Your Role
- Design and implement authentication, authorization, and identity management solutions.
- Remediate vulnerabilities and reduce application security risk.
- Evaluate and recommend security technologies, frameworks, and architectural patterns.
- 5–8 years of experience in software engineering, application development, or application security.
- Minimum 3+ years of hands-on experience implementing secure coding practices and application security controls.
- Proven experience working with enterprise-scale applications and distributed systems.
- Strong expertise in secure software development using:
- Java, Spring Boot, Spring Security
- C#, ASP.NET Core, .NET Framework/.NET Core
- Deep understanding of:
- Security-by-Design principles
- Secure coding standards
- Experience performing:
- Secure code reviews/ design reviews
- Threat modeling exercises
- Vulnerability risk assessments
- Knowledge of common software vulnerabilities including:
- SQL Injection/XSS/CSRF/RCE
- Broken Authentication & Authorization
- Strong experience implementing:
- OAuth2
- OpenID Connect (OIDC)
- JWT
- SAML
- Multi-Factor Authentication (MFA)
- Experience securing:
- REST APIs
- gRPC services
- Strong understanding of:
- Identity and Access Management (IAM)
- Role-Based Access Control (RBAC)
- Secrets Management
- Data Protection and Encryption
- Experience with security testing tools and processes:
- Static Application Security Testing (SAST)
- Dynamic Application Security Testing (DAST)
- Software Composition Analysis (SCA)
- Container Security Scanning
- Familiarity with tools such as:
- SonarQube
- GHAS
- Burp Suite
- Experience triaging and remediating vulnerabilities identified through:
- Penetration Testing
- Security Assessments
- Bug Bounty programs
- Automated Security Scans
- Hands-on experience with:
- Microsoft Azure and/or AWS
- Knowledge of cloud security services:
- Azure Key Vault / AWS Secrets Manager
- AWS IAM
- Experience integrating security controls within CI/CD pipelines:
- GitHub Actions
- Experience with:
- Docker
- Kubernetes
- Experience implementing:
- Database security controls
- Encryption at rest and in transit
- Data masking
- Secure data access patterns
- Understanding of privacy and regulatory requirements related to sensitive data.
Onsite roles require full-time presence in the company’s facilities.
Field roles are most effectively done outside of the company’s main facilities, generally at the customers’ or suppliers’ locations.
Indicate if this role is an office/field/onsite role.
About Philips
We are a health technology company. We built our entire company around the belief that every human matters, and we won't stop until everybody everywhere has access to the quality healthcare that we all deserve. Do the work of your life to help the lives of others.
- Learn more about our business.
- Discover our rich and exciting history.
- Learn more about our purpose.
#ConnectedCare
Create a free Caio profile to unlock more results and save your role and location preferences.
Unlock free search