Senior Product Security Engineer - Chennai, TN, India

NielsenIQ is advancing its Application Security programs and is seeking an experienced Application Security Engineer to support the widespread implementation of DevSecOps capabilities and practices across all global geographies and business units.

In this role, you will be instrumental in integrating, maintaining, and analyzing the tools and technologies essential for securing NIQ products and applications throughout their development lifecycle. You will manage application security capabilities within a complex, multinational matrixed environment. This position offers the opportunity to evaluate and potentially replace current Static and Dynamic Application Security Testing (SAST/DAST) tools, and to champion the technology stack used for security monitoring.

You will collaborate closely with development/engineering teams, business units, and both technical and non-technical stakeholders. Your responsibilities will include educating these groups and driving the adoption and maturity of NIQ’s Product & Application Security programs.

Responsibilities

• Contribute to the strategic initiatives of the Product Security Engineering and Cybersecurity teams.
• Partner with engineering teams (Developers, SREs, QAs) to ensure product security at delivery and implement robust security capabilities.
• Actively participate in building and maintaining Product Security team tools and services, including integrating security tools into CI/CD pipelines.
• Report on key performance indicators (KPIs) to enhance the security posture of engineering teams.
• Contribute to the Product Security Engineering team's security education program and foster the organization's DevSecOps and application security community of practice.
• Review cloud IaaS/PaaS architecture roadmaps, recommend baseline security controls and hardening requirements, and support threat modeling for NIQ products.

Qualifications

• Minimum of 6 years of experience in a technical/hands-on application security, development, or DevOps professional capacity.
• Proficiency in web stack technologies, web security principles, and understanding of common vulnerabilities (e.g., SQLi, XSS).
• Experience deploying containers using CI/CD pipeline tools such as GitHub Actions, Gitlab Pipelines, Jenkins, and infrastructure as code tools like Terraform or Helm.
• Demonstrated self-starter mentality, a passion for technology and security, and an enthusiastic approach to problem-solving.
• A commitment to continuous learning and a high level of curiosity.

Preferred Qualifications (Bonus Points)

• Experience developing serverless functions in cloud environments.
• Knowledge of Cloud Workload Protection.
• Hands-on experience with SAST and DAST tools.
• Active participation in security conferences, training, continuous learning, or professional security associations is highly valued and supported.
• The ability to think critically and adopt a hacker's mindset.

Benefits

• Flexible working environment
• Volunteer time off
• LinkedIn Learning access
• Employee Assistance Program (EAP)