Cyber Security Engineer

Graduate / Post Graduate in Computer Science / IT security or related fields.

5-7 years of IT experience and minimum 3 years' experience in IT Security.

Demonstrated Expertise In The Following.

Developing products and services for customers.

Security architecture and design.

Threat and risk analysis / threat modeling / security risk analysis.

Security vulnerability monitoring / 3rd party software security evaluation.

Security incident handling / security forensic analysis.

Automated security tooling / vulnerability scanning / code analysis.

Fuzz testing / penetration testing.

Secure coding and design guidelines / secure software development lifecycle processes.

HIPAA / HITECH regulations / FDA cybersecurity regulations for medical devices.

Standards: IEC 62443, NIST SP 800-x, IEC 80001, CLSI AUTO11-Ax, ISO 27001 etc Certified Information Systems Security Professional (CISSP) or Certified Secure Software Life.

cycle Professional (CSSLP) or equivalent demonstrated expertise is beneficial.

Areas Of Responsbility.

Support project teams in conducting the corresponding security activities during the.

development process, project management process and services and in product and.

solution release.

Participate in incident response teams, incident escalation.

Participate in threat and risk analysis workshops.

Provide expertise and support in security tools to product teams.

Conduct product and solution security training and development of training material.

Develop and maintain security guidelines and guidance for product development teams.

Collect product & solution security related lessons learned and feed into continuous.

improvement activities (e g update of guidelines, reporting to PSSOs, integration in.

awareness material).

Stay up-to-date on the latest security threats/technologies.

Support the development of the PSS community within the organization, with.

experience exchange internally and externally.

support multiple projects at the same time and should occupy the function.

for the main part of defined working time.

Contacts.

(internal/external).

Internal: CYSO, CYSEs within other business units, Product Owner, Project Manager,.

Development and Test team, Architect, Quality and Risk Management, Business.

Management.

External: Security Community, External companies (collaboration, standardization),.

Customer's security representatives.