Sr. Application Security Engineer

Job Overview

The Senior Application Security Engineer will exhibit an unwavering commitment to the integration of cybersecurity into products and applications.

Success in this role will be attained through skillful collaboration with product engineering and software delivery teams across various projects and languages, adhering to and augmenting Hubbell’s established Secure Development Lifecycle (SDL) standards.

If you have a strong foundation in Software as a Service (SaaS) and embedded security, an interest in partnering with engineering teams to identify and address application security vulnerabilities across solutions that help electric, water, and gas utilities provide safe, reliable, and efficient operations of their distribution networks, and enjoy working with a world-class security team, then this might be the job for you.

LI-SL1

A Day In The Life

• Continuously refine and promote a comprehensive Secure Development Lifecycle (SDL) process throughout the entire product lifecycle.
• Advocate for the widespread adoption of this unified SDL approach, ensuring a holistic and standardized security framework.
• Establish robust enterprise-wide alliances with product engineering and software delivery teams.
• Cultivate a design-for-security ethos to guarantee secure solutions for Hubbell’s products, services, and tools, thereby contributing to business growth.
• Assess and facilitate secure coding training initiatives and the effective use of application security tools, particularly Static Application Security Testing (SAST) and Software Composition Analysis (SCA), for engineering teams.
• Assume the position of a security advisor for multiple products, leading critical activities such as security strategy reviews, security touchpoints, and final security reviews.
• Assist in the investigation, evaluation, prioritization, and remediation of security vulnerabilities.
• Stay abreast of new and emerging technologies and trends in product cybersecurity.
• Proactively identify developmental areas and seek expert knowledge to fortify Hubbell's risk mitigation strategies and enhance the delivery of secure solutions.
• Serve as a mentor to other members of the product security team, embodying Hubbell's leadership traits.

What will help you thrive in this role?

Required

• Bachelor's degree in computer science or related engineering discipline, or equivalent experience.
• 8+ years of experience in product development and security design focused on secure product delivery and testing tools.
• 5+ years of application security and security testing experience.
• Hands-on experience with two or more of the following : C / C++, C#.NET, ASP.Net, Java, Python, or Rust.
• In-depth knowledge of secure coding and DevSecOps practices.
• Experience using, configuring, and tuning application security tools, especially SAST and SCA.
• Possess excellent written, verbal, and interpersonal communication skills, demonstrating effective communication across all levels of the organization.
• Highly organized and able to work under tight timelines, while balancing competing demands.

Preferred

• Advanced understanding of security approaches and architectures applicable to utility communications and distribution automation solutions for operational technology (OT).
• Previous experience developing embedded products, web services and Service Oriented Architecture (SOA).
• Knowledge of NIST and international security standards for secure development practices.

Competencies