Product Security Engineer

Product Security Engineer

Join to apply for the Product Security Engineer role at Aspen Technology
.

The driving force behind our success has always been the people of Aspen Tech. What drives us is our aspiration, desire, and ambition to keep pushing the envelope, overcoming any hurdle, challenging the status quo to continually find a better way. You will experience these qualities of passion, pride, and aspiration in many ways— from a rich set of career development programs to support of community service projects to social events that foster fun and relationship building across our global community.

Digital Grid Management (DGM) is looking for a Product Security Engineer to join our Research & Development department. This role will help protect our clients, enable teams to deliver secure development, and position us for future security needs.

As a Product Security Engineer, you will help drive mitigation of risk through activities such as managing risks and vulnerabilities, facilitating assessments and communication with internal and external customers, and ensuring security documentation and compliance with security lifecycle activities for product security releases. This role will work closely with development teams, leadership, and teams across the organization. You will support the development and execution of product security strategic efforts to meet business and technology objectives, and maintain vigilance regarding industry threats, standards, regulations, and best practices.

• Responsible for supporting the design, implementation, and oversight of Product Secure Development Lifecycle, including security requirements, secure architecture and design, risk assessment, threat models, security scanning, triage, vulnerability management, security design reviews, and product security validation.
• Assist in the administration of product security practices to product teams, technology, and security champions across the organization.
• Drive Product Security efforts to resolve challenges, enable automation, and influence organization security culture.
• Monitor information security best practices, standards, regulations, and industry threats for continuous improvement.
• Maintain a deep understanding of current issues in information security and assess the impact of emerging changes on systems and practices.
• Monitor security bulletins and alerts from vendors, evaluate vulnerability impact, and formulate and execute risk mitigation plans.
• Member of the Aspen Tech Security Emergency Response Team (ASERT), providing expert analysis of security incidents and recommending best practices.

• Bachelor’s degree in computer science, computer engineering, electrical engineering, or related technical field.
• 1-3+ years of experience in Industrial Control Systems.
• Knowledge of information security regulatory requirements (privacy, secure by design, secure by default, defense in depth).
• Demonstrated ability to plan, design, develop, deploy, and maintain application security best practices.
• Ability to create automations for vulnerability management and other security processes.
• Ability to write concise security material for in-house and customer consumption.
• Broad understanding of information security frameworks including ISO 27001/2, NIST 800, NERC CIP.

Salary range: $81,800.00 - $. Eligible for bonus or variable incentive pay. Comprehensive benefits include paid time off, charitable giveback day, medical/dental/vision insurance, and retirement benefits.

We encourage referrals; referrals increase your chances of interviewing at Aspen Technology by 2x.