Senior Information Security Engineer

Information Blurb We are looking for an enthusiastic and creative Senior Product Security Engineer to join our Cyber Security Team. This is an amazing opportunity to work with industry leading security tools and technologies. The team consists of 25 security professionals that report to the Chief Information Security Officer. Our focus is on many aspects of application security, including Penetration Testing, Vulnerability Management, Secure Development, Threat Modeling, WAF, and much more, and we would love to speak with you if you have skills in Securing Container Based Applications and Building Security Into CI/CD Pipelines.About You – experience, education, skills, and accomplishments  Bachelor’s degree in computer science or equivalent experience3+ years of hands-on technical experience designing, implementing, and supporting information security solutions in enterprise and cloud environments1+ years of experience in configuration management or secure system design3+ years of technical experience with Linux, Windows and Mac OS X operating systems3+ years of experience scripting in Powershell, Bash, Python, etc. It would be great if you also had . . .  CISSP, SANS GIAC, or other industry certificationsUnderstanding of OWASP frameworkExperience securing serverless and container-based applicationsStrong knowledge of security principles and technologies in application, infrastructure, network, cloud and endpoint securityScripting and development of security toolsStrong self-directed work habits exhibiting initiative, drive, creativity, maturity, self-assurance, professionalism and the ability to autonomously manage multiple concurrent projects What will you be doing in this role? Build threat models and conduct risk assessments.Performing technical security assessments on our web applications, internal services, and partner applications.Perform design and code reviews, both manual and with analysis tools.Seek opportunities to optimize tools / technology & processes when appropriateScale the security engineering initiatives through direct mentorship of security champions.Identify emerging classes of vulnerabilities and drive closure on remediations and prevention.Efficiently perform offensive security testing and work with vendors on 3rd party penetration test exercisesEmbed security assurance scans as an integral part of CI/CD pipeline and influence shift left approach to security Product you will be developingWe are looking for an individual who will help our team take our product security program to the next level. As a senior product security engineer, you will help ensure that our applications are built to our security standards. You will make sure we do not deploy vulnerable software; help design hardened applications as well as manage our container risk footprint.About the Team   We are a team of security professionals from various walks of life with diverse experience. The team consists of 25 security professionals that report to the Chief Information Security Officer. We are spread out across the world with team members located in North America, Europe, and Asia. The manager for this role is in North America. As a security team, our focus lies in four main areas (pillars) – Security Engineering and Operations, Product security, Security Architecture, and Governance Risk and Compliance. Hours of Work  Most of the time, you will be expected to work regular business hours (India). However, everyone on the team wears an incident responder’s hat, so there will be rare instances when you will work outside of the business hours to support the incident response activities.At Clarivate, we are committed to providing equal employment opportunities for all persons with respect to hiring, compensation, promotion, training, and other terms, conditions, and privileges of employment. We comply with applicable laws and regulations governing non-discrimination in all locations.