Job Description

Driven by transformative digital technologies and trends, we are RIB and we’ve made it our purpose to propel the industry forward and make engineering and construction more efficient and sustainable. Built on deep industry expertise and best practice, and with our people at the heart of everything we do, we deliver the world's leading end-to-end lifecycle solutions that empower our industry to build better.

With a steadfast commitment to innovation and a keen eye on the future, RIB comprises over 2,500 talented individuals who extend our software’s reach to over 100 countries worldwide. We are experienced experts and professionals from different cultures and backgrounds and we collaborate closely to provide transformative software products, innovative thinking and professional services to our global market. Our strong teams across the globe enable sustainable product investment and enhancements, to keep our clients at the cutting-edge of engineering, infrastructure and construction technology.

We know our people are our success – join us to be part of a global force that uses innovation to enhance the way the world builds.

Find out more at RIB Careers

Job Title: Senior Product Security Engineer

Experience Required: 5-7 years

Location: Pune, India

Job Type:Full-time

Driven by transformative digital technologies and trends, here at RIBwe’vemade it our primary purpose to propel the industry forward and make engineering and construction more efficient and sustainable.

Managing the entire building lifecycle from planning to construction, the development of our powerful portfolio of software solutions is driven by industryexpertise, bestpracticeand a passion to remain at thecutting edgeof technology. Ultimately, connecting people,processesand data in innovative ways to ensure customers always complete projects within budget, on time and to quality, while reducing their carbon footprint.

RIB Software is a proud member of Schneider Electric.

As a Product Security Manageryou will own operational security for assigned RIB Software products, executing secure development lifecycle(SDL)requirements and ensuring compliance through coordinated security reviews and assessments Serves as the primary security point of contact for product teams while collecting evidence required for compliance.

This role requires a blend of hands-on technicalexpertise, security leadership, and the ability to work collaboratively across multidisciplinary teams includingSecurity Architects,Product Owners,Developers,Quality Engineers,DevOps, Security Operations, and Governance You will be a key driver in our mission to embed security intoeverystage of our products’lifecycles, frominitialdesign through to decommissioning and end-of-life

This roleoperatesin RIB's AI-augmented product security environment, you will be expected to incorporate AI tools into your security workflows, critically evaluate AI-generated outputs, and help embed AI-fluency practices withinSDLC of theproduct teams.

This role requires comfort and curiosity about working alongside AI tools. Youdon’tneed experience with specific tools – but youmust have experience incorporating AI tools into your workflow. Whether used for writing, research, coding, design, or analysis,you’veformed your own view on when AI adds value and when itdoesn’t, and you candescribe howyou’veadapted how you work as a result. You review AI output critically before accepting it.

KeyResponsibilities:

• Execute SDL requirements across the full product development lifecycle

• Driveregularthreatmodelling,security reviews,and risk assessments for assigned products

• Track and manage product-specific security issues through resolution, communicatingstatus to leadership

• Manage supply chain security risks for externally provided components used within the product.

• Collect andmaintaincompliance evidence forcompliancerequirements

• Coordinate security activities with development teams through Security Architects and Product Ownersin collaboration with our Vulnerability Assessment and Penetration Testing team.

• Identifyand refine security requirements applicable to the product across its lifecycle.

• Serve as primarycontactfor customer security discussions, assessments, and vulnerabilitydisclosure

• Support security training and assessment initiatives to ensure product teams havedemonstratedsecurityexpertise

• Mentor assigned Product Security Engineers through collaborative review and guidance (when PSE support isavailable)

• Contribute to the security architecture and roadmap by advising on evolving threats andnew technologies

• Leverage AI tools to accelerate security reviews, threat modelling, and vulnerability analysis and critically assess AI-generated outputs before accepting results.

• Assess AI-specific security risks in products that integrate LLMs, generative AI features, or AI-powered components (e.g., prompt injection, model data leakage, non-deterministic output handling).

• Empowerthe team'suse ofAI by sharing knowledge of effective human-AI collaboration practices inproduct development andsecurity workflows.

Qualifications and Experience:

• 5+years experiencein product security or application security

• Strong understanding of SDL processes and security compliance frameworks

• Proven ability to conduct security testing using SAST, DAST, and SCA tools

• Familiarity with one or more of C#, Typescript, Java, JavaScript, Dart, C++, Python, and/or Delphi

• Experience with vulnerability managementand risk assessment.

• Excellent communication skills for technical and business stakeholders

• Project management experience with cross-functional teams

• Ability to drive improvements in security culture

• Demonstrated ability to work independently and provide guidance to technical colleagues

• Bachelor's degree in Computer Science,Cybersecurity, or related field,or equivalentprofessional experience

Preferred Qualifications

• CSSLP or similar secure development certification

• Familiarity with cloud security best practices (preferably Azure)

• Experience with enterprise software security frameworks (SOC 2, ISO 27001)

• Experience with product or cloud security architecture

• Background in SaaS or enterprise software environments

• Hands-on experience evaluating security risks specific to AI/ML-integrated products (e.g., OWASP LLM Top 10, prompt injection, model supply chain risks).

• Familiarity with using AI-assisted security tooling (e.g., AI-powered SAST, vulnerability triage tools, or LLM-based code review assistants).

Reports To:Product Security Lead

We offer a competitive salary and benefits package, as well as opportunities for professional growth and development. If you are a motivated self-starter with a passion forapplication security, we encourage you to apply for this exciting opportunity.

RIB may require all successful applicants to undergo and pass a comprehensive background check before they start employment. Background checks will be conducted in accordance with local laws and may, subject to those laws, include proof of educational attainment, employment history verification, proof of work authorization, criminal records, identity verification, credit check. Certain positions dealing with sensitive and/or third party personal data may involve additional background check criteria.

RIB is an Equal Opportunity Employer. We are committed to being an exemplary employer with an inclusive culture, developing a workplace environment where all our employees are treated with dignity and respect. We value diversity and the expertise that people from different backgrounds bring to our business.

Come and join RIB to create the transformative technology that enables our customers to build a better world.