Product Security Engineer

Posted:
5/30/2024, 5:00:00 PM

Location(s):
Illinois, United States

Experience Level(s):
Mid Level ⋅ Senior

Field(s):
IT & Security ⋅ Software Engineering

Join Xylem in the global mission to #LetsSolveWater! As a leading water technology company with 23,000 employees operating in over 150 countries, Xylem is at the forefront of addressing the world's most critical water challenges. We invite passionate individuals to join our team, dedicated to exceeding customer expectations through innovative and sustainable solutions.

We’re Hiring for a Product Security Engineer!    

If you are excited and passionate about helping #LetsSolveWater, consider joining our team today!  Xylem, Inc. is a leading global water technology company servicing more than 150 countries and is dedicated to solving the world’s most challenging water issues.  We are looking for individuals to join our mission by exceeding customer expectations through smart sustainable solutions.  At Xylem, you will have the opportunity to solve water by participating in our paid Volunteer Program, Xylem Watermark! 

As a member of Xylem’s Product Security team, the Security Engineer is responsible for the implementation and execution of security programs and practices to support a growing, global water technology company. This position will work across software and firmware development teams to identify component and system level technical risks and evaluate critical failure points, determine technical security controls to mitigate risks, and work with cross functional teams to implement features according to product road maps. You will lead security standards implementation and penetration testing for our entire product portfolio. Your passion for security and in-depth knowledge of Product Security will ensure that you deliver high impact results.

Essential Duties/Principal Responsibilities:

  • Work with the business, devops and systems teams to identify the right architecture for implementing new solutions, products and modules. Develop, implement and maintain product security strategy for the entire product portfolio covering IoT and smart-device suites
  • Conduct complete lifecycle security architecture and technical assessments for a wide range of products, including embedded devices, enterprise software solutions, and mobile apps
  • Engage in application and domain-specific threat modeling and attack surface analysis and reduction
  • Provide guidance and leadership on best practices regarding security in software and firmware development
  • Contribute to the development and evolution of the application and infrastructure security reference architecture. Develop, implement and maintain the security architecture for the Xylem product portfolio
  • Champion the Xylem security SDLC. This includes threat modeling, security testing, penetration testing, and identifying and fixing vulnerabilities in software and applications on all Xylem products.
  • Implement or manage the implementation of common application security controls
  • Assist other developers in remediating vulnerability findings by providing line-by-line guidance.
  • Provide training and education to developers on software security best practices.
  • Expert level operational support for security escalations from customers
  • Participation in Xylem Watermark volunteer activities

Minimum Qualifications: Education, Experience, Skills, Abilities, License/Certification:

  • BS in Computer Science or equivalent with 5 years of experience
  • Demonstrated expertise in product/application security architecture, network security, application security, web services
  • Experience with SAST, DAST, SCA and penetration testing tools
  • In-depth experience identifying and protecting against web application and web service security vulnerabilities, including those found in the OWASP Top 10, IoT Top 10 and CWE Top 25
  • Meaningful experience in multiple programming languages
  • Solid knowledge of the browser security model, crypto, and network security. Attacker mindset: Real passion for breaking all the things unbreakable.
  • Knowledge of secure infrastructure architectures, application architectures, encryption, Cloud Security and broader security technologies.
  • Strong operating systems knowledge: Windows (all flavors), Debian Linux
  • IoT network technologies (such as Bluetooth/BLE, WLAN, Z-Wave, Zigbee, identity/auth security)
  • Experience with wireless technologies such as CDMA, E-HRPD, GSM, UMTS, TDS-CDMA, LTE-FDD / LTE-TDD, and 5G; experience with Android RIL, Telephony, C and Embedded RTOS.
  • Scripting knowledge: Linux scripting (bash), Windows scripting, Python or Perl
  • Strong English communication skills, both written and spoken, are required.

We Offer You More Than Just “A Job”

  • Professional Development – To advance the capabilities of our people, we offer a wide variety of experiences to support our employees’ professional growth and continuous learning.
  • Total Rewards – We offer comprehensive programs for compensation, benefits, recognition, learning and development, work-life integration and corporate citizenship.
  • Watermark – Watermark is our corporate social responsibility program working to provide education and access to safe water to ensure healthy lives, gender equality, and resilient communities. Employees have the opportunity to learn and volunteer on various water-related projects.
  • Employee Networks – Our Employee Networks provide a professional, supportive network for employees from diverse backgrounds, including Women’s, LGBT+ and Allies, Veteran’s, People of Color and Allies, Hispanic Origin & Latin Affinity, Emerging Leaders, and Working Parents Networks.

Physical Demands/Work Environment:

(The physical demands and work environment described here are representative of those an employee encounters and must be met to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.)

  • Regularly required to sit or stand, reach, bend, and move about the facility
  • Office: Standard office equipment; work usually performed in an office setting free from any disagreeable elements
  • Standard weekly job hours

At Xylem, we embrace diversity and strive to create avenues where employees feel valued and appreciated through our DE&I initiatives and Employee Resource Groups (ERG).  Xylem is proud to be an Equal Employment Opportunity and Affirmative Action workplace.  Xylem prohibits discrimination and harassment of any kind and does not discriminate in employment on the basis of race, color, religion, sex or sexual orientation (including pregnancy and gender identity), national origin, political affiliation, marital status, medical conditions or disability, genetic information, age, or other non-merit factors.

Join the global Xylem team today!  Xylem is a team creating advanced technology solutions to the world’s water challenges. Developing new technologies and services that will improve the way water is used, conserved, and re-used in the future is central to our work. Our products and services move, treat, analyze, monitor, and return water to the environment, in public utility, industrial, residential, and commercial building services settings. Xylem also provides a leading portfolio of smart metering, network technologies and advanced analytics solutions for water, electric and gas utilities.

Disclaimer: The information listed within this job description is designed to indicate the general nature of work expected for this position and shall not be viewed as a comprehensive inventory of all duties, responsibilities, and qualifications required in this position.  Employees must be able to perform the essential functions of the position satisfactorily and if requested, reasonable accommodations will be made to enable employees with disabilities to perform the essential functions of their job absent undue hardship.  Xylem reserves the right to modify this job description or assign other duties to this position as needed.

Salary range:

$70,500.00 - $126,500.00

Join the global Xylem team to be a part of innovative technology solutions transforming water usage, conservation, and re-use. Our products impact public utilities, industrial sectors, residential areas, and commercial buildings, with a commitment to providing smart metering, network technologies, and advanced analytics for water, electric, and gas utilities. Partner with us in creating a world where water challenges are met with ingenuity and dedication; where we recognize the power of diversity, equity and inclusion in driving innovation and allowing us to compete more effectively around the world.

At Xylem, you'll not only contribute to solving water issues but also have the chance to make a difference through our paid Volunteer Program, Xylem Watermark. We embrace diversity and prioritize our employees' well-being through our DE&I initiatives and Employee Resource Groups (ERG). Proud to be an Equal Employment Opportunity (including disability and veterans) and Affirmative Action workplace, Xylem fosters an inclusive environment free from discrimination or harassment. 

 

Please note that the information in this job description outlines the general nature of the position and is not an exhaustive list of duties. Xylem is dedicated to providing reasonable accommodations to enable all employees to perform their essential job functions. We reserve the right to modify this job description and assign additional duties as needed. Embrace the opportunity to be part of Xylem's transformative journey in shaping the future of water technology! #XylemCareers #GlobalImpact #WaterInnovation