Siemens Careers

Product & Solution Security (PSS) Professional for Security Technologies

Bengaluru, India
Research & Development

Apply
English (UK)

Job Description

What are my responsibilities?
The Product & Solution Security (PSS) Professional for Security Technologies is responsible to identify latest security threats & technology trends (e.g. in Embedded, Web, Mobile, Cloud & IoT domains) across the software development lifecycle (requirements, architecture, design, coding, testing, deployment, monitoring, etc.), conceptualize and drive prototypes in trending technologies to support decision analysis & risk (DAR) and support in performing security architecture & design reviews for R&D software & firmware development projects in the industrial automation domain. The Security Technology Expert additionally supports the PSS program leader in providing security technology consulting support to the project teams.

The Security Technology Expert needs to have experience in the following areas: development using established programming languages on the Linux and Windows environments for Embedded, Mobile, Web & Cloud applications, Security Threat & Risk Analysis, scripting technologies and Secure Testing concepts. They should support multiple projects at the same time and will occupy the PSS function full-time, reporting to the PSS COE Head. The responsibilities of the Security Technology Expert include but are not limited to:

Understanding Siemens security requirements to drive adherence for Embedded, Web, Mobile, Cloud & IoT environments 
Creating security concepts based on company security requirements
Defining, maintaining and evangelizing an up-to-date security threat & technology landscape 
Conceptualizing and implementing tool-driven and highly-automated prototypes to showcase security threat mitigations across the SW product development lifecycle
Interfacing with project teams on security needs, gaps, technology implementation & continuous support
Coaching project teams on awareness of security technologies and their implementation
Supporting project teams on security threat & risk analysis and management
Interfacing the support functions (e.g. InfoSec, Configuration Management, Quality Management etc.) to support definition of holistic security concepts and measures

What do I need to qualify for this job?
Desired Qualification, Experience and Competences:
Qualification: BE/ B.Tech degree in Computer science or electrical engineering or IT security
Experience: Overall 5+ years of professional experience in SW development/testing with at least 2 years experience in the product security domain
Competences:
Complex IT systems know-how (client-server, storage & networks, file shares, cloud deployment) – Expert
Technology & Security topics (network & application security, infrastructure hardening, web-server & database security, security baselines) – Expert
IT Security, Data Protection & Cryptography – Expert
SW Development / Testing in the Windows / Linux Environment – Advanced
SW Development in Embedded / Web / Mobile / Cloud environments – Advanced
OWASP & Web Security – Advanced
Cloud (Amazon, Azure) Security architectures, container technologies & standards – Advanced
IoT Security technologies & standards – Basic
Programming in C++ / C#.NET / Web-technologies – Advanced
Scripting Technologies (e.g. Python, Perl, Ruby) – Advanced
SCA tools (e.g. Coverity, SonarQube, Veracode, etc.) hands-on experience – Advanced
Security Testing Concepts & Tools – Advanced
Written & Verbal Communication Skills – Expert
Presentation Skills – Expert
Domain (Industrial Automation) – Optional, but Preferable

Job ID: 102253

Organization: Corporate Technology

Experience Level: Mid-level Professional

Job Type: Full-time





Can't find what you are looking for?

Let's stay connected

Can't find what you are looking for?