Lead Application Security Engineer
Do you enjoy dealing with the security challenges of a global organization
Do you enjoy being part of a successful team
Join our Digital Technology team
We operate at the heart of the digital transformation of our business. From Digital Engineering to enabling employee success, the Digital Technology team is driven to provide the best products and service.
Partner with the best
The Lead Application Security Engineer is a dynamic role requiring knowledge of security, secure development, application security tooling, pen testing and emerging AI/GenAI security risks. The engineer will lead key application security programs, partner with business segments to ensure adherence to secure development standards, and guide teams on application and AI/LLM vulnerability remediation.
In addition, the engineer will be responsible for application security tooling, identifying gaps in existing processes and tools, and enhancing support for development toolsets, including AI-enabled platforms and pipelines.
As a Lead Application Security Engineer, you will be responsible for:
- Collaborate with business segment cybersecurity teams on application security and AI security technology adoption
- Drive best practices and sound design principles through the Secure Software Development Lifecycle (SSDLC) for both traditional and AI-enabled applications
- Educate teams across Baker Hughes Power on secure development best practices, AI/GenAI security risks, tools, and methodologies
- Participate in code reviews across teams to ensure secure coding practices and secure AI model integration
- Manage key application security programs - including Container Security implementation and AI security enablement
- Lead projects to drive the assessment, operationalization, and adoption of new technologies, platforms, tools, and frameworks
- Pentest AI/LLM-based systems
- Drive adoption of practices aligned with OWASP Top 10 for LLM Applications
- Partner with engineering and data teams to ensure secure design, deployment, and monitoring of AI models and services
- and adoption of new technologies, platforms, tools, and frameworks
Fuel your passion
To be successful in this role you will :
- Have a Bachelor's Degree in Computer Science or STEM Majors (Science, Technology, Engineering and Math). Have a minimum 8 years of professional experience.
- Have working knowledge of application security services such as SAST, SCA, DAST, Container Security, and AI/GenAI security controls and pentest
- Have experience managing or deploying Container Security solutions and/or securing cloud-native workloads
- Have working knowledge of OWASP Web/API vulnerabilities and OWASP Top 10 for LLM/AI applications, along with compensating controls
- Have experience with Java / NodeJS / Go / PHP / Python / Ruby, with exposure to AI/ML frameworks or integrations (preferred)
- Have Software Development Lifecycle and application security testing experience, including security integration into CI/CD pipelines
- Have working knowledge of source control tools such as GitHub or Azure DevOps
- Have experience with Application Security solutions such as BlackDuck / Checkmarx / Prisma Container Security, and familiarity with AI/ML security tools or platforms is a plus
Work in a way that works for you
We recognize that everyone is different and that the way in which people want to work and deliver at their best is different for everyone too. In this role, we can offer the following flexible working patterns:
- Working flexible hours - flexing the times when you work in the day to help you fit everything in and work when you are the most productive
Working with us
Our people are at the heart of what we do at Baker Hughes. We know we are better when all of our people are developed, engaged and able to bring their whole authentic selves to work. We invest in the health and well-being of our workforce, train and reward talent and develop leaders at all levels to bring out the best in each other.
Working for you
Our inventions have revolutionized energy for over a century. But to keep going forward tomorrow, we know we have to push the boundaries today. We prioritize rewarding those who embrace change with a package that reflects how much we value their input. Join us, and you can expect:
- Contemporary work-life balance policies and wellbeing activities
- Comprehensive private medical care options
- Safety net of life insurance and disability programs
- Tailored financial programs
- Additional elected or voluntary benefits
The Baker Hughes internal title for this role is: Digital Technology Senior Specialist - Product Security
About Us:We are an energy technology company that provides solutions to energy and industrial customers worldwide. Built on a century of experience and conducting business in over 120 countries, our innovative technologies and services are taking energy forward - making it safer, cleaner and more efficient for people and the planet.
Join Us:Are you seeking an opportunity to make a real difference in a company that values innovation and progress Join us and become part of a team of people who will challenge and inspire you! Let's come together and take energy forward.
Baker Hughes Company is an Equal Opportunity Employer. Employment decisions are made without regard to race, color, religion, national or ethnic origin, sex, sexual orientation, gender identity or expression, age, disability, protected veteran status or other characteristics protected by law.
