Job Description
Job Title
Software Technologist - Security EngineerJob Description
Minimum required Education:
Bachelor's Degree in Computer Science, Software Engineering, Information Technology OR Vocational Education in Information Technology or equivalent.
Minimum required Experience:
We are looking for a highly skilled Application Security Engineer with strong software engineering experience in Java and/or C#/.NET, who can drive security throughout the software development lifecycle.
The ideal candidate will combine deep application security expertise with hands-on development experience to design, build, review, and secure modern cloud-native applications, APIs, and microservices.
This role requires collaboration with engineering, architecture, DevOps, cloud, and product teams to embed security controls, identify vulnerabilities, and ensure secure-by-design solutions across enterprise platforms.
Job title:
Software Technologist - Security Engineer
Your role:
- Design and implement authentication, authorization, and identity management solutions.
- Remediate vulnerabilities and reduce application security risk.
- Evaluate and recommend security technologies, frameworks, and architectural patterns.
You're the right fit if:
Experience
- 5–8 years of experience in software engineering, application development, or application security.
- Minimum 3+ years of hands-on experience implementing secure coding practices and application security controls.
- Proven experience working with enterprise-scale applications and distributed systems.
Secure Software Development
- Strong expertise in secure software development using:
- Java, Spring Boot, Spring Security
- C#, ASP.NET Core, .NET Framework/.NET Core
- Deep understanding of:
- Security-by-Design principles
- Secure coding standards
- Experience performing:
- Secure code reviews/ design reviews
- Threat modeling exercises
- Vulnerability risk assessments
- Knowledge of common software vulnerabilities including:
- SQL Injection/XSS/CSRF/RCE
- Broken Authentication & Authorization
Application Security
- Strong experience implementing:
- OAuth2
- OpenID Connect (OIDC)
- JWT
- SAML
- Multi-Factor Authentication (MFA)
- Experience securing:
- REST APIs
- gRPC services
- Strong understanding of:
- Identity and Access Management (IAM)
- Role-Based Access Control (RBAC)
- Secrets Management
- Data Protection and Encryption
Security Testing & Vulnerability Management
- Experience with security testing tools and processes:
- Static Application Security Testing (SAST)
- Dynamic Application Security Testing (DAST)
- Software Composition Analysis (SCA)
- Container Security Scanning
- Familiarity with tools such as:
- SonarQube
- GHAS
- Burp Suite
- Experience triaging and remediating vulnerabilities identified through:
- Penetration Testing
- Security Assessments
- Bug Bounty programs
- Automated Security Scans
Cloud & DevSecOps
- Hands-on experience with:
- Microsoft Azure and/or AWS
- Knowledge of cloud security services:
- Azure Key Vault / AWS Secrets Manager
- AWS IAM
- Experience integrating security controls within CI/CD pipelines:
- GitHub Actions
- Experience with:
- Docker
- Kubernetes
Database & Data Security
- Experience implementing:
- Database security controls
- Encryption at rest and in transit
- Data masking
- Secure data access patterns
- Understanding of privacy and regulatory requirements related to sensitive data.
How we work together
We believe that we are better together than apart. For our office-based teams, this means working in-person at least 3 days per week.
Onsite roles require full-time presence in the company’s facilities.
Field roles are most effectively done outside of the company’s main facilities, generally at the customers’ or suppliers’ locations.
Indicate if this role is an office/field/onsite role.
About Philips
We are a health technology company. We built our entire company around the belief that every human matters, and we won't stop until everybody everywhere has access to the quality healthcare that we all deserve. Do the work of your life to help the lives of others.
• Learn more about our business.
• Discover our rich and exciting history.
• Learn more about our purpose.
If you’re interested in this role and have many, but not all, of the experiences needed, we encourage you to apply. You may still be the right candidate for this or other opportunities at Philips. Learn more about our culture of impact with care here.
#LI-EU
#LI-Hybrid
#ConnectedCare
