Contract - Product Security Engineer (Polaris/BlackDuck)

Role:

Location:

Duration:

Hous:

Required Skills & Experience:

5 years experience in Software Security

MUST HAVE EXPERIENCE WITH PRE MARKET SECURITY TESTING ON HARDWARE OR SOFTWARE

Expertise in threat modelling, security risk management, secure coding, secure system development, and DevSecOps

Strong experience with Polaris, BlackDuck, Synk, or similar

Experience with security techniques, standards, and methods for authentication and authorization, applied cryptography, security vulnerabilities, and remediation in Windows .NET and Azure environments.

This role requires technical expertise, knowledge of safety-critical systems, and the ability to work in a team environment to ensure the security and resilience of our current and developing digital products. Responsibilities:

Understand and adhere to Quality Management System requirements

Contribute to the development/maintenance of threat models, product security risk documentation, and other QMS deliverables Identify and consult on requirements to help address and mitigate security risks and vulnerabilities.

Serve as subject matter expert to the development teams, be security-minded, and raise the level of understanding and compliance. Leverage tools like Polaris (Blackduck) to perform and triage SAST, DAST, and SCA scans.

Collaborate with the team on the security testing and security signals

Support compliance with regulatory requirements, industry standards, and internal policies governing product security.

Stay informed about new tools, regulations, standards, and best practices of the industry.