Product Developer- SAST

Basic Information







Date Published


Job ID


Travel Amount


Description and Requirements

"At BMC trust is not just a word - it's a way of life!" We are an award-winning, equal opportunity, culturally diverse, fun place to be. Giving back to the community drives us to be better every single day. Our work environment allows you to balance your priorities, because we know you will bring your best every day. We will champion your wins and shout them from the rooftops. Your peers will inspire, drive, support you, and make you laugh out loud!  We help our customers free up time and space to become an Autonomous Digital Enterprise that conquers the opportunities ahead - and are relentless in the pursuit of innovation! 


Had a break in your career? No worries. This role is eligible for candidates who have taken a break in their career and want to re-enter the workforce. If your expertise matches the above job, visit to know more and how to apply.

BU Description:

BMC Software is looking for a motivated and skilled individual to join the Product Security Group. The candidate will be responsible for engaging with various product teams on secure code reviews and security architecture reviews. As a product security engineer at BMC, you will leverage your security expertise to improve the security posture for BMC products.

Roles and Responsibilities:

  • You will provide subject matter expertise for application security.
  • Perform secure code reviews for BMC products to detect vulnerabilities.
  • Guide product teams for remediating vulnerabilities as per the BMC secure coding standards.
  • Engage in secure design reviews to identify security flaws and provide remediation guidelines.
  • Drive product security initiatives across BMC.


  • Experience with Static Application Security Testing is required.
  • Experience with secure code review (SAST) tools for C/C++, Java, and Python languages and relevant frameworks such as Microfocus’s Fortify.
  • Deep understanding of attacks related to OWASP Top 10 vulnerabilities and how to remediate them.
  • Experience in architecture reviews and threat modeling.
  • Candidates with prior software development experience will be preferred.
  • Experience in product security (combination of web, mobile, API, cloud, infrastructure and container security) or equivalent skillset is preferred.

Our commitment to you! • BMC’s culture is built around its people. We have 6000+ brilliant minds working together across the globe. You won’t be known just by your employee number, but for your true authentic self. BMC lets you be YOU! • If after reading the above, You’re Unsure if you meet the qualifications of this role but are deeply excited about BMC and this team, we still encourage you to apply! We want to attract talents from diverse backgrounds and experience to ensure we face the world together with the best ideas! It is the policy of BMC Software to afford equal opportunity for employment to all individuals regardless of race, color, creed, sex, age, sexual orientation, national origin, disability, ancestry, citizenship status, political affiliation, religion, gender, transgender, gender identity, gender expression, marital status, status as a parent, disabled veteran or status as a protected veteran, genetic information or other factors prohibited by law, and to prohibit harassment or retaliation based on any of these factors. If you need a reasonable accommodation for any part of the application and hiring process, visit the accommodation request page.

Min salary


Max salary