Sr. Embedded Software Engineer
Are you an Product Security Officer with 5 years of relevant experience in IT security, OT security and information security risk management? Please read the position below!
The product security officer is an operational position responsible for assuring the business develops their products within our client cyber and information security risk appetite -in compliance with product security risk management framework and cross-product security reference architecture- by providing advice, design support, assurance, guidance, and subject matter expertise. A cutting edge position in a sense that it is a mix of security risk management and architecture related responsibilities;
- Contribute to the development, maintenance, and improvements of product security compliance, risk, and assurance means and methods, such as policies, standards, benchmarks, guidelines, assessment tooling, security processes, etc.;
- Contribute to the development, maintenance, and improvements of product security architecture means and methods, such as cross-product security reference architecture and design patterns;
- Execute product security control and risk assessments and drive mitigation in product development processes;
- Register product security risks and exceptions in respective R&D registers;
- Execution and coordination in product security incident and exception management processes;
- Capable to design and to support in design of solution architecture -including technical and operational aspects- for product security services;
- Support business line programs, product architects, and engineers in solution architecture, design and implementation of security requirements in products and services;
- Provide and contribute to security awareness trainings for specialized topics such as secure software development.
Wat verwachten we van jou?
Bachelor/ master degree or equivalent combination of education and experience.
- Minimum of 5 years of relevant experience in IT security, OT security and information security risk management;
- Proven strong IT and software architecture knowledge and background;
- Proven experience with risk management frameworks such as ISO 27001;
- Vendor agnostic expertise of IT/ software architecture;
- Knowledge of open source software;
- Experience in Linux environments;
- Proven up-to-date experience with vulnerability scanning and/ or penetration testing;
- Pre: proven experience in secure software development and secure programming;
- Pre: Experience with certificates and encryption techniques;
- Pre: Knowledge of virtualization and containerization technologies such as VMware, Kubernetes and Docker.
- Generic security certifications like CISSP, and CISM;
- Specialized security certifications like CEH, SABSA, GDSA, and GCIH.
- Skill to lead, influence, and negotiate without authority;
- A business enabling security attitude in opposite to a business disabling one;
- Strong analytical skills in combination with common sense;
- Ability to translate risks, threats, and vulnerabilities to business stakeholder level and to drive risk mitigation, dealing with resistance and risk appetite;
- Pro-active and self-motivated attitude;
- Political aware and sensitive;
- Fluent English (written and verbal);
- Team player;
- Strong communication and presentation skills;
- Drive to retrieve the root cause of the problem.
Wat kun jij van ons verwachten?
The right candidate will be provided a challenging and varied position in a professional, high-tech environment. An appropriate salary, future prospects and excellent benefits are evident. After a period of secondment and functioning properly, you can be contracted by our client.
Voordelen van solliciteren via Trinamics
- Keuze uit meer dan 500+ technische vacatures.
- Je profiteert van ons grote netwerk aan bedrijven.
- Eenmaal aan het werk, blijven we met je in contact.
- Altijd een persoonlijke consultant voor ál jouw vragen.