Devsecops Engineer

DevSecOps Engineer

Avery Dennison Corporation is a global materials science and digital identification solutions company. We are Making Possible™ products and solutions that help advance the industries we serve, providing branding and information solutions that optimize labor and supply chain efficiency, reduce waste, advance sustainability, circularity and transparency, and better connect brands and consumers. We design and develop labeling and functional materials, radio-frequency identification (RFID) inlays and tags, software applications that connect the physical and digital, and offerings that enhance branded packaging and carry or display information that improves the customer experience. Serving industries worldwide — including home and personal care, apparel, general retail, e-commerce, logistics, food and grocery, pharmaceuticals and automotive — we employ approximately 35,000 employees in more than 50 countries. Our reported sales in 2024 were $8.8 billion.

We're not just a global leader in materials science and branding solutions; we're a team of passionate individuals committed to bringing brands to life and transforming how businesses connect with their customers. Whether through our Embelex platform, empowering creativity with on-product branding, or our Aftermarket solutions, optimizing apparel production and supply chains, we work together to solve complex challenges and create a more sustainable future.

Our vision unites us: Together, we connect the physical and digital to solve some of the world's most complex challenges.

Avery Dennison is looking for a dedicated security expert to help identify and address security vulnerabilities in the solutions we provide to our clients. In this role, you'll lead initiatives that safeguard the security and integrity of our products, working closely with engineering and product teams to offer the expertise they need for making secure product decisions. As a Product Security Engineer, you'll explore diverse challenges, working with various technology stacks, including cloud, IoT ecosystems, and custom software and hardware. You will collaborate directly with product teams to review application code, uncover complex vulnerabilities, and guide them in reducing security risks. Additionally, you'll develop frameworks and tools to automate vulnerability detection.

What You'll Do:

• Works closely with the Product Engineering team to review technical documents for customer solutions to ensure security is integrated into Avery Dennison's digital and hardware products.
• Engage and collaborate with leaders and teams across infrastructure, engineering, operations, product development and legal to integrate trust and security principles throughout the product life cycle.
• Review technical designs and ensure alignment with security best practices.
• Help define and enforce security standards and best practices around product development.
• Conduct security assessments, code analysis, penetration testing, and threat modeling for new and existing products, identifying product vulnerabilities specific to software and hardware.
• Work closely with product managers, engineers, and architects to embed security into the product lifecycle.
• Champion secure coding practices, vulnerability management, and secure design principles.
• Communicate security risks, findings, and recommendations to relevant stakeholders.
• Stay informed about emerging threats and vulnerabilities.

Qualifications:

• 5+ years familiarity securing cloud, mobile, client/server software and embedded software systems.
• 3+ years experience with software development and product security or a related field.
• Strong understanding of cloud security (e.g., AWS, Azure), IoT security, and Android security.
• Experience on projects with cross functional teams and both internal and external stakeholders.
• Experience working with engineering teams deploying products.
• Excellent communication (written and oral) skills.
• Familiarity with encryption, authentication, and secure communication protocols.
• Strong problem-solving skills and the ability to communicate complex security concepts to both technical and non-technical audiences.
• Experience with secure coding principles and code review for vulnerabilities.