Sr. Product Security Engineer

Requirements

• Demonstrated hands-on experience in product security or application security, with a track record of conducting thorough security assessments of cloud-hosted applications and APIs. We are looking for people who have owned engagements.
• A strong foundation in how web applications and APIs fail from a security standpoint, including the classes of weakness covered by the OWASP Top 10 and OWASP API Security To

Additional Information

Xylem is a Fortune 500 global water solutions company dedicated to advancing sustainable impact and empowering the people who make water work every day. As a leading water technology company with 23,000 employees operating in over 150 countries, Xylem is at the forefront of addressing the world's most critical water challenges. We invite passionate individuals to join our team, dedicated to exceeding customer expectations through innovative and sustainable solutions. Welcome to Xylem Xylem (NYSE: XYL) is a Fortune 500 global water technology company with 23,000 employees operating in over 150 countries. Our purpose is clear: to empower our customers and communities to build a more water-secure world. Xylem's solutions are active in water systems that treat, transport, test, and monitor water for hundreds of millions of people. Since 2019, Xylem technology has helped customers reuse more than 18 billion cubic meters of water, reduce water loss across distribution networks, and protect communities from contamination and flood events. Water security is becoming one of the defining technology challenges of the next decade. The rapid growth of AI infrastructure, data centers, semiconductor fabrication, and advanced power generation is placing significant new demands on water systems worldwide. Xylem is working with utilities, industry, and technology companies to ensure water infrastructure can support the demands of a changing economy while remaining resilient for the communities that depend on it. As Xylem scales its digital and AI-enabled product portfolio, the security of those systems becomes directly connected to that mission. The products and platforms this team is responsible for are operational systems that utilities, municipalities, and industrial operators rely on to manage water safely and efficiently. Your New Role We are looking for an experienced Product Security Engineer to join our Global Product Security Engineering team in India. This is a senior individual contributor role for someone who has moved beyond operating tools and is ready to function as a trusted contributor to a team that works closely with product and engineering organizations. Product security at Xylem is focused on enabling informed, risk-based decisions. We work alongside engineering, architecture, and product leadership to understand what is being built, where the meaningful risk lives, and how to address it in ways that fit the business context. The assessments and findings you produce will feed directly into those decisions, giving the people who own them the technical clarity they need to act with confidence. The primary focus of this role is security assessment of cloud-hosted applications and APIs. As the portfolio continues to grow and AI-enabled products become a larger part of what Xylem delivers, the team's ability to assess those systems rigorously is increasingly important. This role sits at the center of that work. Your Role Responsibilities Lead security assessments of cloud-hosted applications and APIs, grounded in a thorough understanding of the application's business logic, threat model, and architecture. Assess modern identity and access control implementations, including OAuth2/OIDC, SAML, and JWT, with the ability to reason about design-level weaknesses. Produce assessment reports that give engineering and product leadership the context they need to make sound, risk-based decisions. Work directly with engineering and product teams through the resolution process, applying the judgment needed to evaluate whether a proposed control genuinely reduces risk. Conduct threat modeling and architecture reviews early in the design process, helping teams understand the security implications of their choices. Contribute to the standards, assessment methodologies, and tooling that define how product security work is conducted across the portfolio. Support the product security incident response function (PSIRT) as needed, helping teams understand the significance of externally reported security issues and supporting coordinated disclosure. Stay current on application, API, and AI security developments and bring that knowledge back to the team in ways the team can use.

Your Match

How well this role fits your profile.

Company Intel

What employees say

Worked at Xylem? Share your experience