Job Description
- Graduate / Postgraduate in Computer Science / Cybersecurity or related fields.
- 3-6 years of Software development experience and minimum 2 years’ experience in Cybersecurity.
Should have mandatory expertise in the following:- Developing products and services for customers
- Security architecture and design
- Threat modeling / security risk analysis
- Secure software development lifecycle processes
- Windows Operating System and Networking (Basics)
- Scripting knowledge (Python / Powershell / Bash)
Added advantage of certification:
- Certified Information Systems Security Professional (CISSP) or Certified Secure Software Life cycle Professional (CSSLP) or equivalent demonstrated expertise is beneficial.
Areas of Responsibility:Support project teams in conducting the corresponding security activities during the development process, project management process and services and in product and
solution release.
- Participate in incident response teams, incident escalation
- Participate in threat and risk analysis workshops
- Provide expertise and support in security tools to product teams
- Conduct product and solution security training and development of training material.
- Develop and maintain security guidelines and guidance for product development teams.
- Collect product & solution security related lessons learned and feed into continuous improvement activities (e.g. update of guidelines, reporting to PSSOs, integration in awareness material).
- Stay up to date on the latest security threats/technologies.
- Support the development of the PSS community within the organization, with experience exchange internally and externally.
- Support multiple projects at the same time and should occupy the function for the main part of defined working time.
Collaboration and Connects:(
internal/external): Internal: Cybersecurity officer of the BL, other Cybersecurity experts across the Org., Quality and Risk Management, Product Owners, Architect, Project Managers, Development and Test team.
External: Security Community, External companies (collaboration, standardization), Customer's security representatives