▷ (15h Left) Cyber Security Specialist - Product Cyber Security - Cyber Security Standards IEC 62443

Position : Product Cyber Security Specialist / Architect

Location : Hyderabad India

Duration : Full Time Role

The Product Cyber Security Specialist / Architect works closely with product development teams across all global regions executing cyber security strategy of minimizing flaws and improving product resiliency to cyber-attacks by ensuring adherence to the integrated secure development lifecycle process, which embodies a secure-by-design defense in depth philosophy. You are a strong technical expert in matters related to threat modeling and cyber controls and will report to a team manager responsible for product architecture review and testing. This role is part of the Product Cyber team (under the Global DT Cyber team) which focuses on continuously improving the cyber posture of products that are often installed in customer's environments and product related to mobile and cloud components.

What will you do :

Work with product development teams and carry out functional cyber risk assessments to identify applicable cybersecurity requirements throughout the entire development cycle.

Develop standard work documents for cyber controls that meet technical requirements (for both systems and components) arising from standards such as IEC 62443

Coordinate with quality and product development teams to periodically update cyber security design policies and ensure that these policies are incorporated into product design, with requirements for traceability and system validation and verification.

Lead or support the standard work associated with product cyber security incident response management

Work closely with the product testing teams to validate recommended security controls

Continually enhance the capabilities of the Cyber security team :

Identification of technology and methodology gaps

Participation and leading technical and industry committees

Creation of discipline health score card.

Work in an environment of continuous improvement and lean process and product development.

Stay updated on latest cyber security hacking news, technologies and methodologies including :

The latest attack methodologies include penetration testing and red-team methodologies.

Latest forensic and incident response methodologies.

Attend security or hacker conferences and stay on the cutting edge

What You Will Need :

10+ years of experience with focus on product cybersecurity and hardening methods on various products such as embedded, IoT, cloud or mobile

2+ years hands-on experience with penetration testing methodologies and tools.

In-depth knowledge of IEC 62443 or similar recognized cybersecurity standards and frameworks.

In-depth knowledge of state-of-the-art cybersecurity controls and mitigation methods

Working knowledge on developing cyber security threat modeling and systematic discovery of threats throughout product lifecycle

Experience of risk assessment and risk treatment strategies utilizing recognized risk management frameworks.

Knowledge of state-of-the-art security analysis tools and various product cyber security safeguards. These include threat modeling, source code analysis, dynamic analysis, penetration testing and audit / compliance tools

Excellent written and verbal communication and presentation skills. Adept at communicating with globally disperse cross functional teams.

Bachelor of Science / Engineering in cyber security, computer science or a related engineering discipline