×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity Data Security Information Security Systems Engineer

Senior Product Security Assessor

Job in 411001, Pune, Maharashtra, India
Listing for: Generac
Full Time position
Listed on 2026-06-17
Job specializations:
  • IT/Tech
    Cybersecurity, Data Security, Information Security, Systems Engineer
Job Description & How to Apply Below
Primary Purpose
The Senior Product Security Assessor is responsible for performing structured, risk-based security assessments across Generac products and platforms, spanning backend cloud services, Dev Sec Ops  pipelines, and IoT devices. This role is assessment-focused rather than build-focused, combining deep technical understanding with strong analytical and documentation skills. The assessor evaluates architectures, implementations, and controls against established security requirements and standards, particularly IEC 62443, and provides clear, actionable remediation guidance to engineering teams.

This role aligns with the offshore Product Security engagement model and supports scalable, repeatable security reviews across the portfolio.

Major Responsibiliti
es
• Conduct end-to-end product security assessments for cloud services, backend systems, Dev Sec Ops  pipelines, and IoT devices against defined security requirement
s.
• Evaluate security controls across application, infrastructure, device, and pipeline layers to identify gaps, weaknesses, and non-conformance
s.
• Perform assessments aligned to IEC 62443 and internal Generac product security standard
s.
• Clearly document assessment scope, findings, compliance status, and overall security postur
e.
• Perform structured threat modeling for identified findings and architectural designs across cloud, device, and Dev Sec Ops  domain
s.
• Assess risk severity and potential impact, considering exploitability, exposure, and business contex
t.
• Translate technical findings into clear risk statements that engineering and product teams can act upo
n.
• Assess backend cloud architectures, including containerized workloads and orchestrated environments, for secure configuration, network segmentation, identity controls, and data protectio
n.
• Review container security practices such as image scanning, runtime protections, and least-privilege configuration
s.
• Evaluate cloud logging, monitoring, and incident detection capabilities to ensure adequate security observabilit
y.
• Assess CI and CD pipelines to ensure security controls are integrated and consistently applie
d.
• Review use of SAST, DAST, SCA, and infrastructure-as-code scanning within development workflow
s.
• Evaluate secrets management, key handling, and signing processes used in build and release pipeline
s.
• Identify gaps in automation, enforcement, or visibility that could introduce security ris
k.
• Conduct IoT device security assessments covering hardware, firmware, and embedded softwar
e.
• Evaluate secure boot, firmware signing, credential storage, encryption, and update mechanism
s.
• Assess protections against physical tampering, reverse engineering, and unauthorized firmware modificatio
n.
• Review device compliance against IEC 62443-based device security requirement
s.
• Produce clear, structured assessment reports that document findings, risk ratings, and compliance gap
s.
• Provide prioritized, risk-informed remediation recommendations that are practical and actionabl
e.
• Support engineering teams by clarifying findings, answering technical questions, and validating remediation evidenc
e.
• Execute assessments in alignment with defined Product Security engagement models and timeline
s.
• Participate in regular checkpoints, status updates, and structured feedback session
s.
• Ensure consistency and quality across assessments through standardized templates and methodologie

s.
Educat
ion Bachelor’s degree in Computer Science, Engineering, Cybersecurity, or a related technical field. Equivalent practical experience is also valu

ed.
Work Experi
ence
• 5+ years of experience in product security, cloud security, Dev Sec Ops , or IoT security ro
les.
• 5+ years of IT audit experie
nce.
• The ability to manage up to 10 concurrent, complex aud
its.
Hands-on experience performing threat modeling, vulnerability assessments, and security revi
ews.
• Strong understanding of backend cloud architectures, container platforms, and CI and CD pipeli
nes.
• Experience with IEC 62443 compliance assessments or similar industrial cybersecurity standards in production environme
nts.
• Experience conducting security assessments of IoT or embedded…
Position Requirements
10+ Years work experience
Note that applications are not being accepted from your jurisdiction for this job currently via this jobsite. Candidate preferences are the decision of the Employer or Recruiting Agent, and are controlled by them alone.
To Search, View & Apply for jobs on this site that accept applications from your location or country, tap here to make a Search:
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)
0
200
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search