Job
Description
We are looking for a Product & Solution Security Professional Youll make a difference by: Mandatory Skills - Needs to be specialized in at least one/two of different areas: Secure Architecture & Design, Threat & Risk Analysis, Secure Project Integration. Network security firewall & network IDS, IPS PSSE will be primarily involved in the secure architecture and design, defines secure design principles, supports selection of secure suppliers and technologies and the development of secure configuration standards and security topics such as IDS, security patch management or Anti-Virus systems must be considered. Also, as part of project integration- defines, supervises, and tests the components/ subsystems with regards to system security, defines and establishes zones and conduits taking physical security concerns into account and prepares and performs security handover of complex systems to customers. Supports and consults the project leaders in implementing the required product & solution security. Supports project teams in conducting the corresponding security activities during the project execution process and / or services. Can support multiple projects and should occupy the function for the main part of is defined working time. Reports to the Project / Functional Lead and the Product & Solution Security Officer. Specification and maintenance of secure coding, secure design guidelines, configuration, and hardening guidelines Synchronize adequately with Information Security organization to ensure architecture and design, and integration IT-infrastructure is sufficiently secure. Specification and maintenance of security requirements for the project. Support for meeting international and regional security standards and regulations (like IEC62443, ISO27000, CENELEC, NIST, SANS) in the project. Planning and performing threat and risk analysis and definition of countermeasures in line with risk acceptance criteria of organization. Evaluation of third-party components regarding product & solution security. Clearance of implementation and documentation of security critical components (e.g., cryptographic functions, hidden function, firewall settings) Verification of implementation regarding security requirements (e.g., as part of system test, factory, or site acceptance test). This includes recommendation and creation of security testing tools. Validation (e.g., friendly hacking, penetration testing) to ensure that implementation fulfills security expectations. Involvement in the analysis and handling of security vulnerabilities & incidents. Sound understanding of Product and solution security topic. Hands on experience of Threat and Risk Analysis (TRA) Supporting the systems engineering for security issues. Monitoring and evaluation of vulnerabilities and security incidents Assessment of security-related requirements Proficient in MS Word, Excel (Writing Macros) and PowerPoint Management and Reporting Exhibiting excellent communication and analytical skills Desired Skills: 9+ years of experience is required. Great Communication skills. Analytical and problem-solving skills
