Role Overview:
The Product Security Engineer is a dedicated security advocate embedded within the product development lifecycle, responsible for ensuring that secure design, development, and testing practices are consistently applied. They work closely with development teams during security reviews, triage findings from automated scans (e.g., SAST, SCA, DAST), and drive proactive threat modeling. Additionally, they help plan, coordinate, and support security prioritization efforts and risk communication.
This is a Hybrid position based in Bangalore. You must be within a commutable distance from the location. You will be required to be onsite on an as-needed basis; when not working onsite, you will work remotely from your home location.
About the Role:
- Act as a point of contact for developers during security reviews, offering expert guidance on addressing vulnerabilities and implementing secure coding practices.
- Provide technical mentorship and training to development and QA teams on secure design principles and secure software development lifecycle practices.
- Collaborate with developers and architects to prioritize findings based on exploitability, impact, and business context.
- Advice on secure design patterns and defensive coding practices, embedding security early in the SDLC.
- Drive tooling improvements, integrating static analysis tools more effectively into CI/CD pipelines for speed and accuracy.
About You:
- You should have 5 to 7 years of experience in one (or more) programming languages like Swift / Go / Python or similar object-oriented language.
- You have knowledge of networking protocols such as HTTP, DNS and TCP/ IP.
- You are experienced in analyzing and triaging findings from SAST, SCA and DAST tools and translating them into actionable developer guidance.
- You have a solid understanding of secure coding practices, OWASP Top 10, CWE and modern application architectures like microservices and cloud-native apps.
- You have strong technical knowledge of application security, with hands-on experience in secure software development and security tooling across the SDLC.
- Benefit if you have led or facilitated threat modeling sessions and are confident identifying risks in design and architecture discussions.
#LI- Hybrid
Company Overview
McAfee is a leader in personal security for consumers. Focused on protecting people, not just devices, McAfee consumer solutions adapt to users’ needs in an always online world, empowering them to live securely through integrated, intuitive solutions that protects their families and communities with the right security at the right moment.
Company Benefits and Perks:
We work hard to embrace diversity and inclusion and encourage everyone at McAfee to bring their authentic selves to work every day. We’re proud to be Great Place to Work® Certified in 10 countries, a reflection of the supportive, empowering environment we’ve built where people feel seen, valued, and energized to reach their full potential and thrive.
We offer a variety of social programs, flexible work hours and family-friendly benefits to all of our employees.
- Bonus Program
- Pension and Retirement Plans
- Medical, Dental and Vision Coverage
- Paid Time Off
- Paid Parental Leave
- Support for Community Involvement
We're serious about our commitment to diversity which is why McAfee prohibits discrimination based on race, color, religion, gender, national origin, age, disability, veteran status, marital status, pregnancy, gender expression or identity, sexual orientation or any other legally protected status.