Please Note:
1. If you are a first time user, please create your candidate login account before you apply for a job. (Click Sign In > Create Account)
2. If you already have a Candidate Account, please Sign-In before you apply.

Job Description:

Broadcom Software Staff Cybersecurity Analyst (ICB-4)
Hyderabad, Telangana, India

We are seeking a seasoned Senior Security Analyst with a strong focus on threat modeling, product security postures, and advanced security testing methodologies for both on-premises and cloud-based products. The ideal candidate will have extensive experience in a range of Application Security Testing (AST) techniques, including Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), Interactive Application Security Testing (IAST), Software Composition Analysis (SCA), Mobile Application Security Testing (MAST), Fuzz Testing, Behavioral Analysis, Protocol Analysis, and Data Flow Analysis. This role requires proficiency in threat and vulnerability management, coupled with a deep understanding of industry-leading security tools and frameworks.

What you will accomplish

The Staff Security Analyst will play a critical role in enhancing our security posture, ensuring the resilience of our products against emerging threats, and driving continuous improvement in our security practices. Additionally, the candidate should possess expertise in implementing security within DevSecOps pipelines, championing a culture of security throughout the software development lifecycle, and leveraging SIEM solutions for comprehensive security monitoring and incident response.

In this role, you can expect to:
- Lead and conduct threat modeling exercises to identify potential security vulnerabilities and design effective mitigation strategies.
- Assess and enhance product security postures through comprehensive security assessments, including SAST, DAST, IAST, SCA, MAST, Fuzz Testing, Behavioral Analysis, Protocol Analysis, and Data Flow Analysis methodologies.
- Collaborate with cross-functional teams to integrate security best practices into the software development lifecycle, with a focus on DevSecOps principles.
- Utilize a range of AST techniques and tools to implement security within CI/CD pipelines.
- Develop and maintain security testing frameworks, scripts, and automation tools to streamline security testing processes across various AST techniques.
- Perform in-depth analysis of security test results, identify security gaps, and provide actionable recommendations for remediation.
- Manage and prioritize security vulnerabilities identified through security testing and coordinate remediation efforts across relevant teams.
- Stay abreast of the latest security threats, vulnerabilities, and industry trends to proactively address emerging risks.
- Evaluate, implement, and optimize security tools and technologies, leveraging a combination of industry-leading solutions and AST techniques, to enhance our security capabilities in the DevSecOps pipeline.
- Research and assess other industry-leading security tools and platforms to continuously improve our security practices and maintain alignment with emerging threats and technologies.
- Develop and deliver insightful security reports, presentations, and recommendations to key stakeholders, including technical and non-technical audiences.

Skills & experience

To qualify for this position, you must have:
- Bachelor's degree in Computer Science, Information Security, or a related field.
- Advanced degree or relevant certifications (e.g., CISSP, CISM, CEH) preferred.
- Minimum of 10 years of experience in information security, with a focus on threat modeling, security testing, and vulnerability management.
- Proven expertise in a range of Application Security Testing (AST) techniques, including SAST, DAST, IAST, SCA, MAST, Fuzz Testing, Behavioral Analysis, Protocol Analysis, and Data Flow Analysis.
- Extensive experience in designing, implementing, and managing security controls for on-premises and cloud-based environments.
- Strong proficiency in programming/scripting languages (e.g., Python, Java, JavaScript) and familiarity with security testing frameworks and tools.
- Hands-on experience with industry-leading security tools such as Black Duck, Coverity, Lacework, Terraform, Docker Security, Jenkins, and AWS Secrets Manager, among others.
- Experience with DevSecOps practices and integrating security into DevOps workflows and CI/CD pipelines.
- Excellent communication skills, with the ability to effectively articulate complex security concepts to both technical and non-technical audiences.
- Strong analytical skills with a keen attention to detail, coupled with the ability to think critically and solve complex security problems.
- Demonstrated ability to work collaboratively in a cross-functional team environment and drive security initiatives to completion.

To be successful, you will come to this role with solid coding, system design skills and a collaborative mindset:
- Experience working in a Software as a Service (SaaS) environment or with cloud-native technologies.
- Familiarity with container security technologies (e.g., Docker, Kubernetes) and microservices architectures.
- Knowledge of regulatory compliance requirements (e.g., GDPR, HIPAA, PCI-DSS) and industry standards (e.g., NIST, ISO 27001).
- Experience with threat intelligence platforms and security information and event management (SIEM) solutions.
- Contributions to the security community through research, presentations, or participation in security-related forums and conferences.

Broadcom Software - Agile Operations Division

Join Broadcom Software (#BroadcomSW), a world leader in business-critical software that modernizes, optimizes, and protects the world’s most complex hybrid environments. With our engineering-centered culture, we are building an extensive portfolio of industry-leading infrastructure and security software. Together, we solve big customer problems with some of the top technical talent in the industry.

In the Agile Operations Division, we offer business-critical software solutions that help the world’s leading companies transform their operating model to be more agile. Our ValueOps, NetOps, and Automation solutions help these organizations drive innovation and achieve operational excellence to realize better business outcomes – and better experiences for their customers. Our industry success is built on a decades-long track record of delivering transformational solutions to teams who plan, build, test, and operate mission-critical software for the world’s largest and most complex businesses. To do this, we respond quickly and thoughtfully, innovate in the context of customer needs, and collaborate inclusively with customers and internal partners. Our business will nurture your intellect and give you opportunities to expand your skills even further.

Broadcom is proud to be an equal opportunity employer. We will consider qualified applicants without regard to race, color, creed, religion, sex, sexual orientation, gender identity, national origin, citizenship, disability status, medical condition, pregnancy, protected veteran status or any other characteristic protected by federal, state, or local law. We will also consider qualified applicants with arrest and conviction records consistent with local law.

If you are located outside USA, please be sure to fill out a home address as this will be used for future correspondence.